Tripwire Enterprise and DataMart
June 03, 2013
Starting at $18,000
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Full end-to-end system and security policy management with robust modeling and reporting.
- Weaknesses: Can be costly for some organizations.
- Verdict: If one can afford it, these tools are worth a close look. It carries the Tripwire tradition forward in fine style.
Tripwire Enterprise and DataMart are two products that compose a suite for maintaining configuration states of servers, network devices and databases, as well as robust reporting services, to allow for deeper analysis of security and configuration policy. Tripwire Enterprise is a tool for full-service system configuration management that allows administrators to put a policy in place and have systems continuously checked against that policy to ensure compliance. DataMart is a way for administrators to collect information from various sources throughout the environment, including output from configuration and vulnerability management systems, and turn the data into a way of testing security policy changes through the use of dashboards and rich reports.
We found these products can be easily installed on the same server, and initial installation and setup does not take long at all. Both products include Windows and Linux installers for greater deployment flexibility. For our installation we chose to install both on a Windows server. The installation process is similar in both products, and is done by running an executable installer, which launches a brief setup wizard. At the completion of the setup wizard, all the components are installed and all further management is done via a web-based management interface. We found the interfaces to be well-organized with intuitive layouts.
We found Tripwire Enterprise to be more like three products in one, rather than just a simple system configuration management tool. It is built on three solid functions that include configuration management, file integrity monitoring and remediation. These three tools work together to provide a robust feature set. The Policy Manager function allows administrators to define policy and assess their configurations against any of more than 250 policies, standards, regulations and guidelines. Then, File Integrity Manager continually checks systems for unauthorized or unneeded changes. Finally, Remediation Manager automates remediation and maintains compliance throughout the enterprise.
Documentation includes both installation and administrator guides in PDF format. We find all documents to contain an excellent amount of detail and to be well-organized. Also included are many screen shots and configuration examples which help illustrate how to configure and use many of the features.
Tripwire offers all customers basic phone and email support with purchase. Customers requiring more options can purchase additional aid. The cost for premium support is based on the number of licenses purchased. All customers also have no-cost access to an online area that includes many resources, such as a knowledge base and user forum.
At a price starting at $18,000 for both Enterprise and DataMart, this product can be quite pricey for some environments. In this pricing model, however, DataMart takes up the bulk of the cost, so if data modeling is not a part of the overall strategy for an environment, the cost drops significantly. That said, DataMart does offer a lot of excellent capabilities for better security policy and overall security posture. We find this product to be a good value for the money for both medium and large organizations. - MS
Sign up to our newsletters
SC Magazine Articles
- Nearly 90 percent of Android devices vulnerable to endless reboot bug
- Women in IT Security: 10 Power Players
- Scanner identifies thousands of malicious Android apps on Google Play, other markets
- Report: Phishing costs average organization $3.7 million per year
- Women in IT Security: Women of influence
- U.S. workers roll the dice by gambling on their company phone
- Young hackers: Criminal or innovator?
- U.S. officials may impose sanctions against Russia, China for cyber attacks
- Baby monitor vulnerabilities bring IoT security issues into sharp focus
- The creator of PGP doesn't use PGP, spurring discussion