June 01, 2010
£4,531 for console and backend database; £64-£1,487 for devices
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: A lot of predefined policy configurations that offer a great amount of flexibility
- Weaknesses: Difficult to configure
- Verdict: This product shows its heritage, especially for spotting changes in critical files. Just be sure that you know what you are doing when you configure and deploy it
Tripwire Enterprise uses both agent-based and agent-less approaches to assess and maintain server and device configurations and keep them in line with both company and federal policy. It includes standards such as FISMA, as well as regulations such as HIPAA, GLBA and PCI DSS.
It combines many policy sources with several platforms and device types, which results in over 215 pre-built and customisable policies right out of the box.
Installation is quite straightforward and is launched from an executable and lead by a short installation wizard. At the completion of the wizard the web-based management interface can be launched and initial configuration can begin. The interface is a bit awkward to use. It took us a few minutes of clicking around and reading the documentation to really get a feel of how to use the product.
Policy configuration is also a bit tricky. The root policy tree is empty to begin with and we had to go through the documentation several times to complete the configuration and get things up and running before designing and assigning policies. However, it does a great job of offering flexibility in policy configuration and once we had a feel for it we found it to be more comfortable to navigate and use.
Documentation consisted of three PDF guides. The installation guide provided clear step-by-step instructions throughout the entire installation process, while the user guide offered an in-depth look at configuring and managing the product. The reference guide gives some logging and integration information, as well as working in the product's command line interface. All of the guides included many screenshots and configuration examples.
Tripwire offers both standard and premium support at an extra cost. The levels provide different support options ranging from phone and email support hours to accelerated response times and named contacts. All customers receiving support can also access a large web-based community that includes downloads, forums and a knowledgebase.
At a price just over £4,530 before server and device licences we find Tripwire Enterprise to be average value for the money. While it does offer a lot of policy features we find it is difficult to use and has quite a learning curve.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry