PRODUCT BRIEF

TRIPWIRE ENTERPRISE 8.2 CONNECT. PROTECT. DETECT.

Tripwire Enterprise has long been viewed by the industry as one of the best security investments you can make. In 2012 SC Magazine noted that Tripwire Enterprise extends the Tripwire legacy of excellent products while two years prior acknowledged that Tripwire is almost a generic term for spotting changes in critical files. Its no surprise then that Control #3 of the SANS 20 Critical Security Controls states, centralized solutions like Tripwire are preferred over stand-alone solutions. All of this adds up to award-winning IT security and SC Magazine Awards two years running. Tripwire Enterprise is a security configuration management suite that provides fully integrated solutions for policy, file integrity and remediation management. The suite lets IT security directors and CISOs rapidly achieve a foundational level of security throughout their IT infrastructure and easily demonstrate how it protects the organizations key assets, services and initiatives. It then continually maintains that level, in spite of the patches, updates, fixes, and application and configuration changes that tend to destabilize security configurations and whittle away at overall organizational security. A key solution in the Tripwire VIA platform, Tripwire Enterprise supports the platforms connect, protect and detect strategy by: Connecting the hardening and integrity of information systems to the priorities, initiatives and risk management needs of the businesses or missions they serve. Protecting information through an enterprise-class hardening system that provides a consistent, objective view of overall security posture across all devices and systems. Detecting deviations from known and trusted, hardened states, and by highlighting the anomalies that indicates threats or breaches.

TIGHTLY INTEGRATED CONTROLS FOR END-TO-END SECURITY CONFIGURATION MANAGEMENT

Each of Tripwire Enterprises three components is uniquely suited to its individual task. Combined, they create a formidable enterprise-class solution. Policy Manager offers enterprisewide system hardening of file systems and desktops as well as network devices and databases, across numerous platforms and protocolsa task many dismiss as Herculean and too difficult to achieve. Tripwire Enterprise makes this possible through agent-based and agent-less configuration assessment, complete policy customization, waiver and exception management, automated remediation options, and granular policy scoring with thresholds, weights and severities. File Integrity Manager is the de-facto standard for integrity checking across large heterogeneous environments. But used in conjunction with Policy Manager, it turns passive configuration assessment into a dynamic, continuous, and real-time defensive solution that immediately detects deviations from expected, secure configuration standards and hardening guidelines.

 Remediation Manager is an optional add-on component for Tripwire Enterprise that allows security and compliance teams to automate repair of drifted, mis-aligned security configurations while retaining role-based management, approvals and sign-offs for repairs.

INDUSTRY-LEADING IT SECURITY CAPABILITIES WITH TRIPWIRE VIA

As part of the Tripwire VIA platform, Tripwire Enterprise can leverage these components that offer key IT security capabilities. Tripwire VIA Asset View helps organizations manage their Tripwiremonitored assets through their unique business lens by assigning tags that categorize them based on notions of risk, priority, relevance and organizational alignment. Security teams can filter these tags to support dynamic views of IT assets in business contextsfor example, to cloud-based web servers that host the organizations e-commerce capabilities. Plus, because tags can be assigned to multiple assets simultaneously, its quick and easy to onboard groups of similar assets. Tripwire VIA Data Mart, a Tripwire Enterprise add-on, extracts, abstracts and transforms raw security data (like configuration policy test scores, critical change information, and thirdparty security data) into business intelligence. Security team members

at all levels can use this intelligence with standard business intelligence and reporting tools to see security information from the unique perspective they require. Tripwire VIA Tag Integration Framework lets organizations use the descriptive metadata assigned to assets through other IT systems as Asset View tags that can be used in Tripwire Enterprise. That saves time tagging assets, and ensures that their classification reflects the business environment. Tripwire VIA Product Integration uses the Tripwire VIA platform to allow Tripwire solutions like Tripwire Enterprise and Tripwire Log Center to integrate with each other through common workflows, context, and analytics.

.: Tripwire, the original hostbased intrusion detection system (HIDS) that detected macro changes to files and folders, was co-developed by Gene Kim, security guru and co-author of The Visible Ops Handbook. Redeveloped into Tripwire for Servers and later Tripwire Enterprise, it rapidly became the recognized standard for change auditeven being mentioned by name in the VISA Card Information Security Program (CISP) specification, the precursor to the PCI standard. Years spent honing this ability has resulted in a solution that detects even the finestgrained changes. Now, as an industry-recognized SCM solution, Tripwire Enterprise helps large multi-national enterprises manage their configuration integrity. :.

ENTERPRISE SUPPORT
Tripwire Enterprise supports agentbased and agent-less assessment and monitoring across: All major file systems and desktops: Windows, Red Hat, SUSE, Solaris, etc. Directory Services: Active Directory, e-Directory, etc. Network Devices: Firewall configurations, routers, IPS and IDS configurations, etc. Databases: Oracle, MS SQL, Sybase, DB2, etc.

HIPAA

WHITE PAPER HIPAA WHITE PAPER WHITE PAPER

HIPAA

BY AUTHOR NAME,

COMPANY AND

TITLE

ONS TY PROVISI AL? SECURI FOR A PHYSIC HIPAAYOUR ONS NETWORK READY IS TY PROVISI AL? SECURI FOR A PHYSIC HIPAAYOUR NETWORK READY IS ONS TY PROVISI AL? FOR A PHYSIC HIPAA SECURI
BY AUTHOR NAME, COMPANY AND TITLE BY AUTHOR NAME, COMPANY AND TITLE

LOOKING FOR ADDITIONAL INFORMATION?

.: Click below or visit www.tripwire.com for the following datasheets
Policy Manager Remediation Manager Data Mart Report Catalog File Integrity Manager Asset View Tripwire VIA Integration

IS YOUR NETW

ORK READY

ITY ES MiFID SECUR II SYSTEM OUTAG ITY BREACHES VIOLATIONS BASEL GLBA SECUR VIOLAFDCC REGULATORY ISO27001 SYSTEM OUTAGES MiFID SECURITY ATORYES FAILED AUDITS PCI REGULOUTAG IONS BASEL II SYSTEM VIOLAT R THREATS PCI FAILED AUDITS ATORY VIOLATIONS THREATS PCI ITY BREACHES ATORY R ATORY VIOLATIONS HES NERC INSIDE PCI FAILED AUDITS PCI REGUL ES GLBA SECUR II VIOLAINSIDE PCI REGUL REGUL OUTAG NERC FDCC AUDIT SYSTEM HES BASELATORY MiFID SECURITY SECURITY BREAC 01 S AUDITS IONS BREAC FAILED REGUL R THREATS ISO270 ITY FAILED PCI VIOLAT FDCC ES IONS INSIDE PCI TS SECUR TS ATORY AUDITS PCI OUTAG COBIT VIOLAT THREA R ATORY REGUL AUDITS SYSTEM PCI INSIDE II 01 PCI FAILED SYSTEM BREACHES VIOLATIONS INSIDER THREA HES TS REGUL FAILED COBITPCI AUDITS BASEL BREACHES NERC ATORY SOX HES ISO:270 R THREA IONS FAILED REGUL IONS BREAC SECURITY INSIDE VIOLAT BREAC ITY TS SOX R THREA S PCI II VIOLAFAILED AUDITS VIOLAT ITYTS GLBA NERC ATORY ES PCI SECUR THREA AUDIT HES TS SECUR MiFID REGUL OUTAG ES NERC INSIDE IONS BASELATORY INSIDE FAILED ES MiFID REGUL R THREA FDCC ITYRBREAC PCI OUTAG SYSTEM VIOLAT FDCCATORY NERC OUTAG 01 INSIDE TS AUDITS SECUR HESPCI AUDITS ATORY SYSTEM REGUL II ISO270 FAILED II SYSTEM R THREA PCI REGUL FAILED HES COBIT IONS BASEL PCI ITY BREAC AUDITS PCI TSTS INSIDE FDCC ITY AUDITS IONS BREAC VIOLAT 01 SYSTEM THREA COBIT TIONS BASEL AUDITS SECUR R FAILED VIOLAT GLBA ATORY THREA SOX FAILED HES ISO:270 R ES TSSECUR GLBA FAILED VIOLATIONS INSIDE ATORY TS PCI ES REGUL IONS BREAC SOX INSIDE THREA OUTAG PCI NERC ITY TS ATORY R REGUL THREA M OUTAG VIOLAT R COBIT HES PCI SECUR THREA AUDITS INSIDE REGUL SYSTE HES R ATORY INSIDE SYSTEM BREAC AUDITS ES MiFID S PCI HES ITY BREAC INSIDE BREACHES NERC ISO27001 NERC PCI ITY FAILED PCI REGUL FAILED ISO27001 OUTAGVIOLAT AUDIT BREAC TS OUTAGES MiFID SOXFAILED IONS SECUR HES NERC IONS BASEL II AUDITS R II SYSTEM SECUR ITY VIOLAT MiFIDSECUR II SYSTEM THREA BREAC FDCC RTHREA FAILED ES BASEL INSIDE BASELITY ITYTS MiFID TS SECUR ATORY ES ATORY INSIDE IONS PCI COBIT TS FDCC SECUR R THREA REGUL TIONS OUTAG REGUL NERC HES NERC SECURITY 01 SYSTEM VIOLAT PCI GLBA THREA AUDITS SYSTEM OUTAG PCI HES R INSIDE HES ES GLBA BREAC SYSTEM ATORY ES II AUDITS FAILED BREAC COBIT AUDITS INSIDE BREAC OUTAG ITY M SOXFAILED ITY OUTAGVIOLAT HES ISO:270 BASEL TSBREAC PCI REGUL TS FAILED SECUR IONS SECUR BREAC HES COBIT THREA 01 SYSTE TS ITYVIOLAT AUDITS 01 SYSTEM GLBA R IONS ESSOX ISO270 THREA SECUR ITYFDCC FAILED INSIDE ISO270 BREACHES RR R THREA ATORY ATORY INSIDE OUTAGES GLBA ITY OUTAGIONS MiFID NERC SECUR TS SOX INSIDE ES REGUL COBIT SECUR PCI REGUL VIOLAT MiFID OUTAGES MiFID PCI SYSTEM HES COBIT NERC OUTAG R THREA ES 01INSIDE MiFID HES HES ATORY AUDITS BREAC ES AUDITS SYSTEM INSIDE OUTAG II SYSTEM ISO:270 ITY BREAC II BREAC REGUL OUTAG FAILED NERC NERC FAILED ITY BASEL IONS ITY PCI SECUR SOX SYSTEM HES ES GLBAATORY BASEL SOX FDCC ITY TS SECUR TS TSES VIOLAT SECUR MiFID AUDITS BREAC TIONS BREACHES THREA VIOLAT R IONS ITY THREA ITY R THREA BASEL II SYSTEM RVIOLAT OUTAG ATORY ES GLBA SECUR SECUR IONS REGUL INSIDE INSIDE TS FDCC FAILED PCI NERC SYSTEM M OUTAG OUTAG GLBA SECUR ES GLBA IIATORY COBIT PCI REGUL ES INSIDE HES THREA SYSTE R ES HES INSIDER BREACHES OUTAG 01 OUTAG BREAC AUDITS 01 SYSTEM BREACHES NERC INSIDE OUTAG ITY BREAC IONS FAILED REGUL ISO270 ITY FAILED ISO270 PCIBASEL SYSTEM HES COBIT COBITAUDITS FDCC SECUR VIOLAT SYSTEM 01 SOX ITY TS IONS II ITY HES SECUR TS BREAC GLBA AUDITS ATORY SECUR ES ISO:270 VIOLAT BASEL R THREA R THREA FAILED ES MiFID ITY BREAC REGUL IONS MiFID OUTAG SECUR ATORY ESGLBA TS SOX HES NERC INSIDE OUTAG SECUR TS SOX VIOLAT MiFID VIOLAT SYSTEM OUTAG ES COBIT INSIDE NERC01 ESIONS R THREA PCI REGUL THREA AUDITS SYSTEM ATORYFAILED ATORY R FDCC HES OUTAG OUTAG ISO270 INSIDE MNERC II SYSTEM AUDITS INSIDE BREAC IONS PCI REGUL PCI REGUL ITY ITY BREAC SYSTE BASEL NERC TS PCI II SYSTEM HES VIOLAT SECUR HESFAILED IONS SECUR AUDITS ES INSIDER FDCC AUDITS ISO270 BREAC TSFAILED GLBA ATORY ITY OUTAG GLBA BREAC VIOLAT ITY 01 ES IONS BASEL FAILED IONS ES SECUR INSIDER THREA PCI REGUL R THREA ATORY SECUR OUTAG VIOLAT PCI OUTAG VIOLAT TS FDCC II SYSTEM INSIDE ES MiFID ATORY ES GLBA R THREA AUDITS ATORY BASEL PCI REGUL COBIT R THREA 01 SYSTEM OUTAG REGULTS OUTAG IONS INSIDE FAILED BREACHES COBIT TS SOX AUDITS INSIDE FDCC ISO:270 ITY NERC BREAC S PCI SYSTEM II SYSTEM COBIT HES HES ITY 01REGUL IONS AUDITS SECUR ATORY VIOLAT THREATS PCI AUDIT SOX FAILED BASEL BREAC OUTAGES GLBA SECUR TS ISO270 VIOLAT MHES MiFID ITY REGUL ITY IONS FAILED ES IONS PCI FAILED R THREA THREA PCI ATORY SYSTE RTS SECUR TSBREAC FDCC SECUR VIOLAT 01 OUTAG VIOLAT PCI R REGUL AUDITS GLBA INSIDE THREA ISO270 ATORY PCI ATORY NERC THREA NERCPCI R II SYSTEM FAILED IONS HES IN- INSIDE OUTAGES REGUL INSIDE REGUL HES SECURITY OUTAGES AUDITS INSIDE BASEL TS PCI FAILED AUDITS COBIT SYSTEM BREAC ITY BREAC IONS01 FAILED COBIT HES THREA ES MiFID AUDITS RPCI AUDITS ATORY VIOLAT HES FDCC VIOLAT BREAC OUTAG FAILED II SYSTEM FAILED ITY GLBA SECUR IONS ATORY SOX ESBASEL ITY BREAC PCI REGUL NERC INSIDE THREA BASEL SYSTEM TS PCI S ISO:270 TSTS SECUR R II HES HES VIOLAT REGUL R OUTAG IONS THREA AUDIT THREA MiFID INSIDE R BREAC FDCC BREAC ATORY ES INSIDE MiFID SECUR GLBA VIOLAT ITY SYSTEM ITY COBIT FAILED INSIDE 01 NERCSECUR SYSTEM OUTAGES OUTAG AUDITS ATORY PCI REGUL SECUR TS PCI FAILED VIOLATIONSPCIITY NERC HES ISO270 TS FDCCVIOLAT PCI REGUL SYSTEM HES ES GLBA ATORY IONS AUDITS BREAC R THREA AUDITS 01 INBASEL FAILED AUDITS TS INSIDE PCI IIREGUL SECUR FAILED ISO270 R THREA FDCC ATORY ITY SECURITY BREAC TSHES FAILED THREA COBIT GLBA HES COBIT 01 SYSTEM OUTAG IONS AUDITS R INSIDE ES ISO:270 PCI IONS THREA TSOUTAG BREAC PCI REGUL INSIDE VIOLAT FAILEDIONS ATORY ITY BREAC THREAVIOLAT ES MiFID SECUR SOX VIOLAT ITY RATORY AUDITS ATORY SECUR SYSTEM HES COBIT OUTAG PCI SECURR INSIDE 01 FAILED REGUL THREATS R REGUL BREAC INSIDER BREACHES MiFID INSIDE NERC AUDITS ISO270 TS PCI S PCIITY II SYSTEM NERC BREACHES COBIT INSIDE HES REGUL OUTAGES MiFID IONS THREA AUDIT SECUR PCI NERC SOX FAILED ITY VIOLAT SYSTEM ITY BREAC HES IONS BASEL MiFID FAILED II AUDITS ESBASEL ATORY ITY BREACHES FDCC SECUR BREAC R THREA TS FAILED OUTAG PCI REGUL ITYTS GLBA SECUR ATORY VIOLAT IONS PCI SECUR TS FDCC R THREA AUDITS THREATS GLBA SECUR SYSTEM OUTAGES REGUL VIOLAT NERC INSIDE INSIDE AUDITS FAILED R THREA INSIDER BREAC ATORY OUTAGES ISO:270 COBIT HES COBIT IN01 SYSTEM AUDITS PCI INSIDE IONS REGULII HES SYSTEM HES COBIT PCI BASEL COBIT TS FDCC BREAC HESFAILED ES GLBA SOX FAILED ITY AUDITS ISO27001 ATORY TS BREAC VIOLATIONS OUTAG SECUR IONS REGUL FAILEDVIOLAT SIDER THREA MiFID SECURITY SECURITY BREAC R THREA PCI TS MiFID ONS SOX ATORY SYSTEM VIOLAT 01 INSIDE NERC INSIDER ES MiFID SOLUTIES AUDITS ATORY PCI REGULOUTAG NERC ISO:270 R THREA ATION OUTAG FAILED HES REGUL II SYSTEM IONS AUDITS INSIDE PCI ITY BREACHES BREAC II SYSTEM VIOLAT ANCE AUTOM NERC ITY AUDITS THREATS SOX IONS BASEL ATORY TS FDCC FAILED FAILED R THREATS AND COMPLI VIOLAT IONS BASEL ES GLBA SECUR REGUL TY PCISECUR R THREA ATORY TS FDCC IT SECURI AUDITS REGUL ATORY VIOLAT THREA HES COBIT INSIDE PCI OUTAGES GLBA COBIT INSIDE 01 SYSTEM OUTAG SIDER HES BREAC PCI REGUL ONS AUDITS FDCC FAILED SYSTEM ISO270 ITY 01 BREAC SOLUTI IONS AUDITS FAILED SECUR ISO:270 VIOLAT FAILED R THREATS SOX MiFID AUTOMATION OUTAGESANCE THREATS SOX ATORY VIOLATIONSPCI REGULATORY INSIDE II SYSTEM NERC TY AND COMPLI IT SECURI AUDITS PCI REGUL FDCC FAILED AUDITS ATORY VIOLATIONS BASEL ES GLBA FDCC FAILED SIDER THREATS PCI REGUL 01 SYSTEM OUTAG SOLUTIONS FAILED AUDITS AUTOMATION VIOLATIONS ISO:270 THREATS SOX COMPLIANCE PCI REGULATORY IT SECURITY AND FDCC FAILED AUDITS

FEATURES AND BENEFITS

Single Point of Control for All IT Configurations ChangeIQ for Intelligent Real-time Change Assessment Built-in Integration with Tripwire Log Center through Tripwire VIA Tripwire Enterprise provides centralized control of configurations across the entire physical and virtual IT infrastructure, including servers and devices, applications, and multiple platforms and operating systems. ChangeIQ capabilities intelligently assess changes in real time, determining whether they moved a system out of compliance, prioritizing remediation efforts and reducing overall risk. As part of the Tripwire VIA suite, Tripwire Enterprise integrates with Tripwire Log Center out of the box. The integration enables users to correlate change and event information to transform raw data into actionable knowledge. It also provides a centralized view of date center security. The Remediation Manager module provides role-based workflow tools that let users approve, deny, defer or execute remediation of failed configurations. Because Tripwire Enterprise integrates with leading Change Management System (CMS) solutions, as change happens Tripwire Enterprise automatically reconciles detected changes against change tickets and change requests. Tripwire Enterprise integrates with VMware vCenter to provide control over virtual infrastructure (VI), auto-discovering new instances of VI and automatically monitoring and reporting on changes to VI. Tripwire Enterprise dramatically reduces the time and effort for audit preparation by providing continuous, comprehensive IT infrastructure baselines along with real-time change detection and built-in intelligence to determine the impact of change. Tripwire Enterprise combines configuration assessment with real-time File Integrity Monitoring to detect, analyze and report on changes as they happen and keep configurations continually compliant. This immediate access to change information lets IT fix issues before they result in a major data breach, audit finding or long-term outage. Tripwire Enterprise automates compliance with the industry regulations and standards organizations are now subject tofrom PCI, to NERC, SOX, FISMA, DISA and many others. Tripwire ships with numerous pre-defined reports that provide real-time scoring of compliance posture, including rate of change and other important trends. Report drilldowns, linking, and dashboards provide comprehensive overviews of security and compliance for any organizational level. Tripwire Enterprise Asset View lets you classify assets with business-relevant tags such as risk, priority, geographic location, regulatory policies, and more. The Tag Integration Framework lets you automatically bring metadata associated with assets in other IT systems into the Asset View as tags. That saves time tagging assets and quickly aligns your Tripwire-monitored assets with your business environment.

Workflow Tools for Managing Failed Configurations Integration with Change Management Systems Virtual Infrastructure Monitoring

Support for Faster, Easier Audit Preparation

Support for Maintaining a Secure, Compliant State

Automated IT Compliance Process

Reports and Dashboards for Enterprise-wide Visibility

Classification of Assets with Asset View

Import Metadata from Existing Systems into Asset View with the Tag Integration Framework

FROM MACRO VIEWS TO MINUTE DETAILS

+

..: ORGANIZE AND MANAGE your assets in a way that reflects your business priorities

..: VIEW CHANGE AND CONFIGURATION from any perspective necessary

..: ZOOM INTO DETAILS that distinguish new threats from accidents and common errors

REPORTS
Tripwire Enterprise provides nearly 40 reports, with additional in development. More samples and the full Report Catalog are available on our website. Baseline Elements Change Process Compliance Change Rate Change Variance Change Window Changed Elements Changes by Node or Group Changes by Rule or Group Changes by Severity Compliance History Composite Changes Detailed Changes Detailed Test Inventory Detailed Test Results Detailed Waivers Device Inventory Elements Frequently Changed Elements Frequently Changed Nodes Inventory Changes Last Node Check Status Missing Elements Monitoring Policy Nodes with Changes Reference Node Variance Remediation Assessment Remediation Work Order Details Scoring Scoring History System Access Control System Log Task Report Test Result Summary Test Results by Node Unchanged Elements Unmonitored Nodes Unreconciled Change Aging User Roles All Object Types

ERP Changes By Severity

Date: Promotion Approval ID: Change window: Use strict package match: Display criteria at end: Element Exists: Nodes: Node name: Node Properties: Rules: Rule name: Element name: Element Properties: Version Properties: Change types: Severity range: Current versions only: Time range: Packages: Severity sections sort: Details table sort: Details table (2nd) sort: 7/17/09 4:19 PM Not applied Not applied No No Not applied ERP, esx4se.pdxse.tripwire.com, onlinecollab.srv1.tripwir e.com Not applied Not applied All Not applied Not applied Not applied Demo Data Equals Yes Added, Modified, Removed All No All time Not applied Severity, descending Count, descending Name, descending

NERC Scoring for Windows

High Severity
Name DEMOSERVER.PDXSE.TRIPWIRE.COM Type Windows Server Last Change Time 11/7/08 1:31 PM Count 2 Severity Total: 2

ERP Changes By Group

Date: Promotion Approval ID: Change window: Use strict package match: Display criteria at end: Element Exists: Nodes: Node name: Node Properties: Rules: Rule name: Element name: Element Properties: Version Properties: Change types: Severity range: Current versions only: Time range: Packages: Details table sort: Details table (2nd) sort: 7/17/09 3:34 PM Not applied MS Windows Server 2003 DM - NERC v2 Not applied No No Compliant Not applied Authentication, Database Backend, Networking Infrastruc Node ture, Servers, VMware ESX Hosts Not applied WIN-COMPLIANCE2.PDXSE.TR Not applied IPWIRE.COM All Not applied WIN-COMPLIANCE3.PDXSE.TR Not applied IPWIRE.COM Not applied Demo Data Equals Yes WIN-COMPLIANCE4.PDXSE.TR Added, Modified, Removed IPWIRE.COM All No WIN-COMPLIANCE5.PDXSE.TR All time IPWIRE.COM Not applied Total, descending Name, ascending Average Node ams.win2k3.dc1.tripwire.com ams.win2k3.dc2.tripwire.com ams.win2k3.dc3.tripwire.com ams.win2k3.dc4.tripwire.com ams.win2k3.dc5.tripwire.com ams.win2k3.dc6.tripwire.com

Score 77.19 77.19 77.19 77.19

Waived Tests 0 0 0 0

Score 76.51 76.51 76.51 76.51 76.51 76.51

Waived Tests 0 0 0 0 0 0

..: REPORTS EXAMPLES Tripwire Enterprise provides dozens of customizable reports with drill-down capabilities.

BROAD, DEEP SUPPORT FOR COMPONENTS IN THE IT STACK

Whether IT needs to keep watch over mission-critical servers or the entire IT infrastructureincluding virtualized environments and applicationsTripwire Enterprise provides the capability to assess, validate and enforce policies and detect all change, no matter the source. Tripwire supports the following components in the IT stack:

security. Once IT gets the database server into a known and trusted state, it keeps it there by ensuring all subsequent configuration changes are detected.

TRIPWIRE ENTERPRISE FOR FILE SYSTEMS AND DESKTOPS

Tripwire Enterprise for File Systems and Desktops assesses the configurations of physical and virtual server and desktop file systems, including security settings, configuration parameters, and permissions. Tripwire bases its policies on settings recommended by respected organizations such as CIS and NIST. When followed by Tripwires tunable change detection, IT has a single solution that ensures visibility and accountability for all configuration control activity on a wide range of platforms. And Tripwires agents are designed to achieve configuration control across the enterprise with minimal impact on network bandwidth.

PHYSICAL INFRASTRUCTURE

VIRTUAL INFRASTRUCTURE

TRIPWIRE ENTERPRISE FOR DIRECTORY SERVICES

Tripwire Enterprise for Directory Services provides independent compliance policy management for LDAP-compliant directory server objects and attributes, such as LDAP schema, password settings, user permissions, network resources, group updates, and security policies. Tripwire bases these assessments on CIS, NIST, DISA, FISMA, NERC, FDCC and other industry standards and regulations to help ensure organizations get their directory servers into a secure and compliant state. The component accelerates its deployment with pre-configured Active Directory, Sun Java System Directory Server and Novell eDirectory default settings that can be fully customized to specific enterprise environments.

Applications Directory Services Databases File Systems and Desktops Hypervisors and VMs Network Devices and vSwitches

TRIPWIRE ENTERPRISE FOR APPLICATIONS

Mission-critical applications are at the top of the IT infrastructure and enable the daily activities like email, web-based applications, and other critical applications that keep organizations moving forward. Tripwire Enterprise for Applications provides compliance policy management and file integrity monitoring capabilities to help ensure that supported applications are configured properly for security, compliance, and optimal performance and availability. In addition to out-of-the-box policies for applications such as Microsoft Exchange and IIS server, Tripwire Enterprise lets IT easily create policies for other business applications, including custom applications.

TRIPWIRE ENTERPRISE FOR VMWARE

Tripwire Enterprise for VMware provides visibility across the VMware virtual infrastructure, enabling continuous configuration control of virtual environments. This component provides out-of-the-box assessment tests for hypervisors, virtual containers, and vSwitches based on CIS security policies, DISA Security Technical Implementation Guides (STIGs), and VMwares Infrastructure 3 Security Hardening guide. The included VirtualCenter integration auto-populates the same hierarchy of VirtualCenters, Clusters, Data Centers, Folders, Resource Pools and hypervisors from VMware into Tripwire Enterprise, which enables auto-discovery, monitoring and reporting of changes among and within newly-created virtual infrastructure objects.

TRIPWIRE ENTERPRISE FOR DATABASES

Tripwire Enterprise for Databases works in conjunction with Tripwires File Systems component to help organizations get their Oracle, Microsoft and IBM database servers into secure, continually high-performing states. Tripwire does this by assessing configurations of schema objects, application and configuration files, security and configuration parameters, access settings, and user roles and permissions against CIS, PCI and NIST guidelines for

TRIPWIRE ENTERPRISE FOR NETWORK DEVICES

Tripwire Enterprise for Network Devices assesses configuration settings of the broadest range of network devices in the industry, including any device running a POSIX-compliant operating system. By testing configurations against industry-proven settings

and then following up with continuous file integrity monitoring that identifies out-of-compliance changes, this component helps organizations achieve and maintain continuous compliance with security, regulatory, and operational measures. In addition, Tripwire generates an audit trail of all configuration control activities, so proving compliance in an audit is greatly simplified.

PLATFORM SUPPORT & SPECIFICATIONS

TRIPWIRE ENTERPRISE CONSOLESUPPORTED PLATFORMS AND BROWSERS Solaris, Windows, Red Hat Enterprise Linux, SUSE Linux Enterprise TRIPWIRE ENTERPRISE FOR APPLICATIONSSUPPORTED APPLICATIONS Microsoft IIS Microsoft Exchange Server 2003 Oracle Database 10g Firefox, Netscape, Internet Explorer

TRIPWIRE ENTERPRISE FOR DIRECTORY SERVICESSUPPORTED APPLICATIONS Windows Active Directory Sun Java System Directory Server Novell eDirectory LDAP v2 & v3

TRIPWIRE ENTERPRISE FOR DATABASESSPECIFICATIONS ORACLE 9I, 10G, 11G AND RAC Schema Objects Functions Indexes Procedures Tables Triggers Views Packages and package bodies Sequences Stored outlines Synonyms Types and type bodies Libraries Database Links Clusters Database Objects Directories Tablespace Security System Privileges Object Privileges Audit Parameters Access Settings Users Profiles Roles Software Files (using file system monitoring rules) MICROSOFT SQL SERVER 2000 & 2005 Schema Objects Tables Indexes Triggers Views Stored Procedures Functions User-defined types Database Objects Configuration Parameters Databases Security & Access Settings Logins Server Roles Database Users Database Roles Software Files (using file system monitoring rules) IBM DB2 UDB VERSION 8.2 & 9.5 Schema Objects Functions Aliases Indexes Packages Procedures Schemas Schema Groups Sequences Tables Triggers User Defined Types Variables Views Database Objects Bufferpool Configuration Parameter Database Partition Group Event Monitor Histogram Template Service Class Tablespace Threshold Work Action Set Work Class Set Workload Security Audit Policy Security Label Component Security Access Settings Groups Roles Users Software Files (using file system monitoring rules)

PLATFORM SUPPORT & SPECIFICATIONS, CONTINUED

Visit www.tripwire.com for detailed platform version support TRIPWIRE ENTERPRISE FOR FILE SYSTEMS AND DESKTOPSSPECIFICATIONS Agent platform support AIX CentOS Fedora Core HP-UX Oracle Enterprise Linux Red Hat Desktop Linux Red Hat Enterprise Linux Solaris SPARC & x86 SUSE Linux Enterprise Server Windows Server 2003 & 2008 Windows Desktops, incl. XP, 2000, Vista & 7 UNIX system properties monitored File adds, deletes, modifications Audit tracking File existence ACL (Access Control List) Installation package data User ID of owner, group ID of owner File and directory type, and file size Access, modification and change timestamp Growing attribute Virtual environment support VMware ESX & ESXi VMware vSphere Solaris Zones Windows system properties monitored File adds, deletes, modifications Registry keys and values Event tracking Installation package data Flags: archive, hidden, offline, temporary, system, compressed Access, write and create time File and directory type, and file size Owner, Group, DACL, SACL, read-only Number and hashes of alternate data streams Growing attribute Agentless support for file systems POSIX-compliant operating systems (through Tripwire Enterprise for Network Devices node)

TRIPWIRE ENTERPRISE FOR VMWARESUPPORTED HYPERVISORS VMware ESX & ESXi VMware vSphere TRIPWIRE ENTERPRISE FOR NETWORK DEVICESSUPPORTED VENDORS & DEVICES Cisco IOS, CatOS & PIX OS Cisco VPN3000 Series Concentrator Cisco Catalyst 1900/2820 Switch Alcatel OmniSwitch Check Point Nokia IPSOSystems Extreme F5 BigIP Foundry HP ProCurve Series ISS Nokia IPSOSystems Juniper M/T Series Marconi ForeThought NetScreen Nokia IPSOOS Nortel Alteon &Passport Other devices using the included Universal Device Kit Agentless support for file systems POSIX-compliant operating systems

.: Tripwire is a leading global provider of IT security and compliance solutions for enterprises, government agencies and
service providers who need to protect their sensitive data on critical infrastructure from breaches, vulnerabilities, and threats. Thousands of customers rely on Tripwires critical security controls like security configuration management, file integrity monitoring, log and event management. The Tripwire VIA platform of integrated controls provides unprecedented visibility and intelligence into business risk while automating complex and manual tasks, enabling organizations to better achieve continuous compliance, mitigate business risk and help ensure operational control. :. LEARN MORE AT WWW.TRIPWIRE.COM OR FOLLOW US @TRIPWIREINC ON TWITTER.
2012 Tripwire, Inc. Tripwire, Log Center, VIA and ChangeIQ are trademarks or registered trademarks of Tripwire, Inc. All other product and company names are property of their respective owners. All rights reserved.

TEPB82o 201208