Strengths: Easy-to-use interface for creating scans and exporting scan data.
Weaknesses: Performance and speed of user interface.
Verdict: Relative to similar products, the price of the feature set that this product provides is steep.
The Tripwire IP360 appliance is a solution for advanced enterprise threat detection, vulnerability management and risk assessment. The solution can be purchased as a preconfigured hardware appliance or as a preconfigured virtual machine. This appliance allows one to properly discover, analyze and respond to incidents on a network with its continuous network management and viewing capability. The comprehensive network view allows for a security team to properly and effectively develop both risk management strategies and policies to help mitigate network incidents.
The appliance was easily set up. We removed the device from the box and installed it into our server rack using the provided rack-mount hardware. After it was safely installed into our server rack, we connected our keyboard, monitor and mouse to the back of the server. Once powered on we configured the device using command-line. Setup went smoothly and the documentation was easily followed to complete the initial setup. The appliance is then accessed through the provided web interface that is well organized. The device's license was preconfigured and allowed for us to hop right into testing. This marked the end of the basic setup and configuration.
The product comes with an easy-to-use interface and allowed us to easily set up, manage and scan our test network. Within minutes of installation we were able to successfully run two scans and network audits. The solution comes with predefined scan capabilities and also allows custom scan creation and the ability to upload more scan policies. The report section of this product comes preconfigured with a Sarbanes-Oxley audit that we used to check compliance of our network hosts. The distinct audits section also allows users to upload custom audits, such as PCI, SCAP/CyberScope and IAVA standards. Both the audits and scans can be exported in a variety of formats, including CSV, HTML, PDF and more.
Tripwire IP360 came with both a quick-start guide and a hardware setup guide. Both packets contained enough information for us to get the appliance properly installed and configured for first use. Seeing as the initial configuration is mainly command-line driven, the guide used highlighted text to identify required commands to get the device functional.
Tripwire provides clients with basic no-cost and fee-based support option. Free support is for one year and includes software upgrades with the purchase.
Overall, the Tripwire IP360 appliance can provide a security team with more than enough information to help discover, manage and remediate network vulnerabilities. The in-depth functionality of the user interface provides fluidity for its users who seek to quickly and effectively reduce network risk.