The RSA Distributor of The Year - EMEA - 2012 My employer, COMPUTERLNKS ME, The RSA Distributor in Middle East and Africa has been awarded as "The RSA Distributor of The Year" for the product I manage, RSA - The Security Division of EMC in Middle East and Africa. Read the Full Story
The Service Partner of The Year - Kaspersky Lab - 2011 My employer, ValueSYS, Kaspersky Distributor in North Africa has been awarded as "The Service Partner of The Year" for the product I manage, Kaspersky Anti-virus in North Africa. Read the Full Story
All Content Under Creative Common License! All Content is under Creative Common License: Attribution - Noncommercial - No Derviative Works 3.0 Unported - to share under conditions Read the Full Story
The Most Innovative Partner Award - Kaspersky Lab - 2010 ValueSYS, my employer won the award of "The Most Innovative Partner of 2010" for the product I manage, Kaspersky Anti-virus in North Africa. Read the Full Story
* * * *
image image image image

Tripwire is known as a leader in Change Auditing and FIM area helping organization to achieve compliance and enhanced security, in this article we will summarize the deployment options for Tripwire Enterprise, and in another article we will review the advanced features and capabilities of Tripwire Enterprise.

Tripwire announced another product called Tripwire Log Center that capable to collect, store, index and correlate logs –Log and Event Management capabilities – Tripwire combined both products in our suite called Tripwire VIA and they say that the two products are integrated and they are able to integrate the change, log and event into one single view to identity threats! It will be really interesting to see this in action!

In this article, we will focus on Tripwire Enterprise and its capabilities for Change Auditng and File Integrity Monitoring and how it’s deployed.

Most organizations face a problem to maintain a complied status after achieving the first compliance, Tripwire Enterprise highly integrates its Change Auditing component with the Policy/Configuration Assessment components to ensure Continuous Compliance by completely automating the process of detecting changes and reflecting it on policies/reports without any interaction from the system administrator, which provides REAL TIME view for changes and current compliance status.

Tripwire can be deployed in three different scenarios on monitored machines:

  • Agentless (Network Devices, Linux and UNIX systems)
  • Agent  for Windows OSs
  • Agentless for Windows OSs by using another deployed agent on any other machine

Benefits of using Agent technique:

  • Avoid “Mega-scans” over the network and the systems which include complete assess, gather, analyze for the compliance information for the machines/systems in scope.
  • Provide a very detailed level of compliance information that can include “contents, authorized or not authorized and who did it”
  • Avoid providing system administrative credentials of your machines/systems to make the remote “Mega Scans”
  • Using agents, Tripwire keeps a cache of compliance information on each machine, so only new changes are monitored against the compliance policy and the machine baseline to ensure continuous compliance and minimal impact on network/systems performance
  • Provide REAL TIME monitoring/compliance information instead of performs mega-scans on big intervals like a month/2weeks.

** This article is under CC – Creative Commons License – Attribution – Noncommercial – No Derivative Works 3.0 Unported

Category: Reviews
Share on Myspace