|
Tripwire provides one of the most
essential elements required for achieving and maintaining
Business Continuity: Data
Integrity Assurance
Data Integrity Assurance means:
Establishing
a Baseline - To assure data and network integrity,
companies must be able to record a snapshot of what their
systems look like in a desired good state.
Detecting Change
- Data compromise can come from malicious outside intruders
as well as inadvertent errors from within a company. Either
type of change can cause inefficiencies or system failures
and must be detected and reported immediately.
Ensuring Rapid
Discovery and Remediation - Once change is detected,
the exact location and nature of the change must be immediately
pinpointed so that restoration to the desired good state
can occur as quickly as possible.
Only Tripwire provides complete integrity
assurance on servers as well as network devices across your
entire enterprise.
Data Integrity Assurance
benefits your company by:
Establishing
a Foundation for Data Security-
- Tripwire takes a snapshot of data in
its known, good state, and continues to monitor for deviations.
- Tripwire ensures the integrity of other
security products deployed so that companies can have complete
trust in their overall security strategy.
- Integrity checks provide an instant assessment
of the state of your systems, validating the desired, good
state or reporting any "integrity drifts."
Lowering Costs-
- Time spent discovering the source of
system problems is reduced from hours - sometimes days -
to just minutes, freeing up valuable IT resources for more
proactive, productive activities.
- Network failures and system downtime
are minimized.
Maximizing System
Uptime-
- Tripwire enables companies to maximize
their investments in IT by eliminating risk and uncertainty.
- Tripwire helps companies lock down systems
where change is undesired.
- Tripwire pinpoints the exact location
and nature of change to enable quick restoration of systems
to a desired, good state. This reduces down time.
Providing Increased
Control and Stability-
- Tripwire software is effectively used
for configuration management by taking a snapshot of system
files in their desired state and enabling companies to duplicate
that file structure across multiple machines.
- Ongoing monitoring and detailed reports
provide proof of compliance for system audits as well as
adherence to industry regulations.
In a rapidly changing, highly unpredictable
environment, Tripwire provides the only way of knowing, for
certain, that your data is safe and your systems remain uncompromised.
Features and Benefits of Tripwire for
Servers
| Feature |
- Cryptographic signing- Tripwire
database, policy and optional report files can be
cryptographically signed using a 1028-bit algorithm.
|
| Benefit |
- Allows safe storage of these files
on the host machine
- Eliminates removable media for
the database and policy file
|
 |
|
|
| Feature |
- Monitors integrity of file contents
with four hashing algorithms (MD5, Haval, SHA, and/or
CRC-32)
- Monitors 24 file and registry attributes
on Windows NT and 14 on UNIX
|
| Benefit |
- Monitors complete file system for
added, deleted, or changed files
- Enables complete integrity assessment
of each file and attribute
|
|
|
|
| Feature |
- Email
, syslog, SNMP reporting
- Report
exporting to xml or CSV format
|
| Benefit |
- Convenient access to violation
reports
- Sends the right reports to qualified
recipients
- Supports proactive measures to
prioritize and remedy violations
- Allows for integration into existing
reporting packages
|
|
|
|
| Feature |
|
|
| Benefit |
- Customizes the amount of detail
seen in each report
- Speeds identification and evaluation
of integrity violations
|
|
|
|
| Feature |
- Severity rating on monitored files
and directories
|
| Benefit |
- Files can be designated with individualized
severity levels
- Helps quickly identify critical
system files and take action when necessary
- High-severity files can be selected
for immediate viewing
|
|
|
|
| Feature |
- The Policy Wizard, when run, will
examine a user machine's file system and display to
the user all of the file and directory objects present
in the file system using a graphical tree interface.
|
| Benefit |
- Helps answer the question, "What
files should I include in my TFS policy file?"
- Helps answer the question, "Which
properties of this file should I be monitoring?"
- Simplifies and speeds policy creation
by providing a graphical method of policy file creation.
- Builds a baseline policy file based
on files actually present on the system, as opposed
to a generic, one-size-fits-all default policy file.
- Dramatically decrease the time
to get Tripwire for Servers implemented and monitoring
the integrity of a machine
|
|
|
|
| Feature |
- Arbitrary Command Execution - This
provides the user the ability to associate with each
rule in the policy file a single arbitrary system
command that will be run whenever that rule is violated.
The commands to be executed will be specified in the
policy file as rule attributes.
|
| Benefit |
- Allows scripting of user-defined
responses to TFS integrity checks.
- Could be used to extend TFS reporting
and notification capabilities.
- Could be used to implement "restore
object upon violation" functionality
- Could be used to isolate a machine
from the network automatically if suspicious activity
is noted
|
|
