Open Source Tripwire and Tripwire Enterprise

If you need to control changes made to your Linux and UNIX servers, you have three choices - Open Source Tripwire, Tripwire for Servers and Tripwire Enterprise. Although they all share a common heritage, these solutions have significant differences that make them appropriate for different IT environments:

• Open Source Tripwire is suitable for monitoring a small number of servers where centralized control and reporting is not needed and professional support is not a requirement.
• Tripwire for Servers is the solution for IT organizations requiring only server monitoring, with detailed reporting and optional centralized server management across Linux/UNIX/Windows platforms.
• Tripwire Enterprise is the best choice for IT organizations needing to securely audit configurations across Linux/UNIX/Windows servers, databases, network devices, desktops, and directory servers.

Background
Dr. Eugene Spafford and Gene Kim created the initial Academic Source Release of Tripwire software in 1992 while at Purdue University. In 1997, Kim founded Tripwire, Inc. to bring Tripwire for Servers, an enhanced commercial version of the software, to market. In 2000, to meet the needs for a robust file integrity tool that could be compiled onto a wide variety of POSIX-compatible operating systems, Tripwire contributed Open Source Tripwire, Linux Edition, to the Open Source Project (under the GNU General Public License.)

Since that time, Tripwire for Servers' continued development has resulted in improved security, better reporting, easier reconciliation, broader platform support, and, with the optional Tripwire Manager component, centralized reporting and a GUI. With the introduction of Tripwire Enterprise in 2005, the software completed its evolution from a file integrity tool to a comprehensive solution for configuration auditing across Linux/UNIX/Windows servers, databases, network devices, desktops, and directory servers.

Tripwire Enterprise: Configuration Audit and Control for IT
Tripwire Enterprise is the recognized leader of configuration audit and control solutions that assures continuous operational, regulatory and security compliance across the datacenter. Tripwire Enterprise 7 helps nearly 5,700 customers worldwide achieve & maintain a known, trusted and compliant state. By proactively assessing configuration settings against internal policies and external industry benchmarks, Tripwire Enterprise generates an enterprise-wide risk profile to identify & remediate weak links. Once a known & trusted state is achieved, Tripwire Enterprise detects change in real-time across the IT infrastructure to help maintain the known good state. Tripwire supports a broad range of devices including servers, databases, network devices, virtual environments, desktops, directory servers and more. Tripwire Enterprise also delivers actionable information through reporting, reconciliation and remediation capabilities. As the trusted leader in configuration audit and control, Tripwire Enterprise delivers continuous compliance throughout the datacenter to reduce risks, increase operational efficiencies, enforce internal & external policies, automate compliance and deliver better service to the business.

Major features in Tripwire Enterprise include:

• Policy compliance configuration assessment
• Real-time, tunable change detection
• Centralized management console with web interface
• Centralized database that stores historical changes
• Tailorable reports and dashboards
• Customizable roles and permissions to ensure a secure audit trail
• Easy to use GUI
• Integration with change management systems, providing automated change reconciliation

For medium-size to the largest installations, Tripwire Enterprise offers IT organizations a comprehensive configuration audit and control solution that provides enhanced security, increased availability, and demonstrable compliance to governmental and industry regulations.

Tripwire for Servers/Tripwire Manager: Comprehensive Server Monitoring and Reporting
Tripwire for Servers is a great choice for small to medium-size IT organizations needing only server monitoring and basic configuration auditing capabilities. Able to pinpoint changes to system and configuration files, Tripwire for Servers enables IT staff to determine what changed, when it changed, how it changed, who changed it - and to roll servers back to a known and trusted state if the change was not authorized or desired. Tripwire Manager is an optional component for those requiring centralized management of their environment. As with Tripwire Enterprise, Tripwire for Servers is backed with full commercial support and training from Tripwire, and Tripwire for Servers' customers have the capability of migrating their software to Tripwire Enterprise if their configuration auditing needs increase.

Open Source Tripwire: Intrusion Detection for Individual Servers
Open Source Tripwire retains the original core functionality of data integrity for servers. Utilizing a basic command line interface, the software will detect changes on each server on which it is installed, alerting users to intrusions and unexpected changes. With the available source code, Open Source Tripwire can be compiled onto a broad range of UNIX- and Linux-based systems, with the potential for modification to meet unique, local requirements. And, or course, it has the benefit of no initial investment.

The latest Open Source Tripwire, version 2.4.0, retains the same intrusion detection features as the original 2.3 release, with improved scripting functionality for compiling onto a wider range of POSIX (Linux/BSD/UNIX-like) operating systems. It is available for download from SourceForge.net. For individual server deployments and smaller installations, many find Open Source Tripwire a solid choice for intrusion detection and security.

Feature Comparison
Click here for a matrix comparing the features and functions of the most current versions of Open Source Tripwire, Tripwire for Servers and Tripwire Enterprise.