August 01, 2003
$6,995, plus $595 per server
- Ease of Use:
- Value for Money:
- Overall Rating:
Integrates with existing management infrastructures, such as IBM Tivoli and HP OpenView.
Does not actively prevent changes.
A good solution for managing changes, authorized or unauthorized, and manually reverting back to known good configurations.
A complete Tripwire system consists of two components: Tripwire for Servers, which is an agent that must be installed on all servers that are to be protected; and Tripwire Manager, which provides central management for any number of Tripwire for Servers agents. Communications between server agents and management workstation are secured using the secure sockets layer (SSL) protocol.
Tripwire for Servers monitors changes on the servers on which it is installed. It works by comparing data with known good source files in the Tripwire database. If it detects a changed file, it automatically notifies you and can even tell you who made the change. What to monitor is controlled by policies set using Tripwire Manager. Included are default policy files for each supported OS to make it easy to set up which files should be monitored.
Tripwire Manager offers an intuitive graphic user interface for managing multiple servers, which may be gathered together in groups to make management quick and easy. The grouping can even be multi-level to facilitate the control of large numbers of server agents. The interface is really very graphical with pie charts displaying changes, which are grouped based on severity or type. Filters combine with an excellent reporting engine to deliver highly customizable reports that are also exportable as XML or HTML files.
Tripwire Manager allows the scheduling of integrity checks in a flexible way. For example, web site content might need to be checked for defacement every 15 minutes, while operating system files are checked daily. Any changes detected can be compared quickly across multiple servers to identify those that may have suffered the same change. Authorized changes may be accepted so that they are not flagged any more. Recovery (or roll-back) is also easy. SNMP traps and other events (syslog and email) may be triggered by the detection of changes.
Tripwire for Servers is available for servers running MS Windows XP/2000/NT4, Linux, Sun Solaris for SPARC, HP-UX, AIX, Tru64 and FreeBSD. Tripwire Manager is written in Java so that it is also platform-independent and the following platforms are supported: Microsoft Windows XP/2000/NT4, Linux and Sun Solaris for SPARC. It also integrates with common management tools.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Junior Penetration Tester, Hertfordshire, to £35k + benefits
Infosec People - England, Hertfordshire
Cyber Security Architect
CYBER EXECS - London (Greater)
SOC Analyst, Aldershot, £47-56k + package
Infosec People - Hampshire, England, Aldershot
Senior Security Engineer
Loveworklife Recruitment - United Kingdom
Sign up to our newsletters
SC Magazine UK Articles
- Tesco Bank allegedly ignored warnings of hack from Visa
- Investigatory Powers and Digital Economy Bills could threaten economy
- Updated: A million German routers knocked offline by failed Mirai botnet attack
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Microsoft update left Azure Linux virtual machines open to hacking
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- ICYMI: Tesco warned; IP Bill threatens economy; German routers offline; Azure trojan; Gooligan fraud
- Data centres are on the move - where will they end up?
- 90% of ITDMs believe IAM is crucial to digital transformation success
- Research: Hacked companies could see customer exodus if breached
- Misconfigured drive exposes locations of explosives used by oil industry