Tripwire Enterprise and Tripwire DataMart
Strengths: Easy to deploy with robust policy and reporting capabilities.
Weaknesses: High cost can be a factor.
Verdict: Tripwire continues to provide high quality, but at a price.
Tripwire Enterprise is a full-scale configuration management product that allows administrators to create master "known and trusted" configuration states for many types of systems and devices on the network. Once these states are created, this product will monitor servers, network devices and databases to ensure that all devices stay compliant to the policy. DataMart works in tandem with Enterprise to take data from various sources - such as file integrity monitoring, configuration management and vulnerability management platforms - to create a visual representation of the overall security posture of the organization.
While powerful, we did not find these tools to be complicated to install and configure. Both can be installed on a single server and the installation procedures take just a few minutes. Once the installation process is complete, Tripwire Enterprise can be managed from an intuitive, web-based administration console. When we launched into the console, the first thing we noticed was the clean and organized look of the interface. The tab-top navigation structure provided clear and easy-to-understand categories. Then there were the dashboards. We found ourselves surrounded by visuals and easy-to-read charts and graphs. These visuals made it easy to get a good overall glance at the current security state of the environment.
We also found this product to contain many easy-to-use policy tools and options. In no time at all we were able to begin configuring our policy and running audits and reports - which is also another area where this product shines. Tripwire Enterprise comes with a considerable amount of predefined policy and standards templates that can be used as is or customized for the specific needs of the organization. After an audit is run, administrators can run remediation tasks right from the console or create automated remediation policies as needed. DataMart takes the analysis a few steps further by adding trending analysis and risk correlation.
Documentation was comprised of PDF installation and user guides. We found these to contain an excellent amount of detail with clear, step-by-step configuration procedures and instructions for using the product features. We also noticed a good amount of visuals, such as diagrams, screen shots and configuration examples.
Tripwire offers standard phone- and email-based technical support to all customers. Those requiring additional options can purchase premium support at an additional cost. Tripwire also offers - at additional costs - a wide array of services, such as implementation and upgrade assistance, integration services, managed services and training. Additionally, customers also have access to an online portal with resources such as a user forum and knowledge base.
At a price starting at $12,000 for a minimal configuration, we found this product to be a reasonable value for the money. Tripwire has a flexible pricing model that can be designed to scale from the smallest environment to large enterprise. Overall, we found the combination of these two products to provide a powerful insight into the security posture of the enterprise. Administrators can use DataMart to locate weak spots through modeling and then use Enterprise to create policy and ensure that security practices are maintained.