Tripwire Enterprise v7.7
Strengths: A lot of pre-defined policy configurations, which offer a great amount of flexibility in the product.
Weaknesses: Difficult to configure.
Verdict: This product shows its heritage. Tripwire almost is a generic term for spotting changes in critical files. Just be sure that you know what you’re doing when you configure and deploy it.
SummaryTripwire Enterprise uses both agent-based and agent-less approaches to assess and maintain server and device configurations and keep them inline with both company and federal policy. This product includes standards, such as NIST, DISA and FISMA, as well as regulations, such as HIPAA, GLBA and PCI. The tool combines many policy sources with several platforms and device types, which results in more than 215 prebuilt and customizable policies right out of the box.
Installation is quite straightforward. The installation itself is launched from an executable and led by a short installation wizard. At the completion of the wizard, the web-based management interface can be launched and initial configuration can begin. The interface is a bit awkward to use, however. It took us a few minutes of clicking around and reading the documentation to really get a feel of how to use the product.
Policy configuration is also a bit tricky. The root policy tree is empty to begin with and it takes some configuration to get things up and running before designing and assigning policies. We found ourselves going back and forth through the documentation several times to complete the configuration of the product. With that said, we found that this tool does a great job of offering flexibility in policy configuration. Once we had a feel for the product, we found it to be more comfortable to navigate and use.
Documentation consisted of three PDF guides. The installation guide provided clear step-by-step instructions on pre-installation, installation and post-installation procedures, while the user guide offered an in-depth look at configuring and managing the product. The reference guide gives some logging and integration information, as well as working in the product's command line interface. All the guides included many screen shots and configuration examples, which helped greatly in configuration.
Tripwire offers both standard and premium support at an extra cost. The levels provide different support options ranging from phone and email support hours to accelerated response times and named support contacts. All customers receiving support also can access a large web-based support community that includes downloads, forums and a knowledge base.
At a price just shy of $7,000 before server and device licenses, we find this product to be an average value for the money. While Tripwire Enterprise does offer a lot of policy features, we find it is difficult to use and requires quite a learning curve.