Content

Tripwire IP360

This is a product that needs a bit better - certainly not more - documentation. The docs provided were by no means trivial. In fact, we estimate that if they were printed out on paper it would take a small dolly to cart them. So, it is certain that everything in whichever version of the Tripwire product you have will be documented. However, the issue that we have is not with volume but with coverage.

We ran afoul of this problem during our installation. We installed exactly as the instructions told us but when we got to a portion of the configuration of our virtual machine we were brought up short by an error message. We followed the instructions in the docs on how to configure multiple times but to no avail. We ended up with Tripwire support which, fortunately, is absolutely first-rate.

Apparently where we made our error was that Tripwire provides a customized web demonstration as well as support from a Tripwire Systems Engineer during the evaluation and initial setup process to ensure a successful and timely installation. We should have taken advantage of that. Certainly, we recommend that, if you purchase this product, you should. As it turns out, after the problem emerged, we did and the results were quite satisfying.

The product is supplied either as a physical or virtual appliance. We picked the VM which is supplied as an OVA. Management is controlled by the Vulnerability and Exposures Manager (VnE) and profiling of assets is handled with our Device Profiler appliances (DP). All VnE Manager appliances include a built-in Device Profiler to simplify deployment and ease of use, while remaining able to scale to large deployments by adding additional Device Profilers.

We exploded the OVA and then followed instructions. It was where we started using the command line interface that we ran into trouble. One step in the process would not run and there was no detail in the docs to help us. For us this was frustrating. For admins not comfortable with the CLI it would be a lot more so. There is a CLI guide but it didn't help much in this instance. Although the documentation emphasizes a cloud deployment - AWS, Azure, etc. - we were deploying in our own virtual environment. This is acceptable and, once up and running, worked fine.

Components of the product include the VnE, which is the centralized management server; the Device Profiler or scan appliance; the Security Intelligence Hub, which provides reporting and analytics; the Tripwire Log Center; Tripwire Enterprise, which is the security management suite with which IP360 integrates; and the IP360 API. All of these work together to provide a very comprehensive suite of tools for managing security on the enterprise and, particularly, managing vulnerabilities.

Once we were up and running we had no difficulty running scans and selecting remediation procedures. The user interface is a combination of dashboards and widgets and we found most of the things that we wanted to do intuitive. This is another product where there is so much functionality that there is no room for it all here in a brief review. Fortunately, the website is first-rate and there is a lot of information, including a quick tour that reveals most, if not all, of the important features. The rest of the website is a nice mix of marketing and meat. There is a customer portal that is not publicly available. However, we were not put off by this since there is more than enough public information on the site to answer just about any question leading up to contact with Tripwire for a demo.

Pricing for IP360 is quite attractive and we found that, overall, the product lives up to the venerable Tripwire pedigree.

Product title
Tripwire IP360
Product info
Name: Tripwire IP360 Description: With its ability to cut through vulnerability noise, using its analytics and configuration options to its massive scalability, this works for just about any size enterprise. Price: $5,862.20 for 128 IP annual license. Perpetual pricing is also available.
Strength
A powerhouse that clearly reflects Tripwire’s long experience. Feature-rich. Intuitive ease of use once deployed. Scalability.
Weakness
The only weakness we found was in the documentation, an area where we are becoming increasingly picky due to the increasing complexity of today’s enterprise products.
Verdict
This one demands your attention. With its ability to cut through vulnerability noise, using its analytics and configuration options to its massive scalability, this works for just about any size enterprise.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.