Products > Tripwire for Servers > Features & Benefits
Tripwire for Servers/Tripwire Manager Features & Benefits

Demo

Take a few minutes to see what Tripwire for Servers is all about.

More >

WHITEPAPER

What's Good for Security is Good for Operations: Why Configuration Assessment Followed by Change Auditing Is Key to Operational Stability

Download now

EVALUATIONS

Evaluation versions are available for you to try.

Download now

WEBCAST

Learn more about Tripwire and the industry in person and online.

Register today

Jump to:
Tripwire for Servers
Change monitoring   Event log correlation   Integrated Command Execution (ICE)   XML & HTML report exporting   Hashing algorithms   System Attributes   SSL communication   Product security   Email reporting   Severity ratings   5 reporting levels   Syslog output   SNMP traps  

Tripwire Manager
Automated Report Archiving   Accept All Changes   Approve By Template   Graphical user interface   Centralized reporting   Replicate integrity system   Patch/software rollout verification  

Change monitoring:.
Description
Benefits
  • Complete confidence if something has changed on your system
  • Monitors entire file system for added, deleted, or changed files
  • Broad platform support across Windows, Unix, and Linux



  • Enhance security, ensure compliance, and improve availability
  • Ensure all changes are auditable
  • Provides management and IT auditors the supporting evidence and confidence that security measures are effective and IT systems integrity is maintained
Event log correlation:.
Description
Benefits
  • Event logs correlate with Tripwire reports to identify who made the change
  • Prove compliance by automating system auditing
  • Enhance security by allowing administrators to track all changes made by specific users identifying who made the change for follow up and data forensics
  • Provides details to enforce change policies




Integrated Command Execution (ICE):.
Description
Benefits
  • Enables a custom command line script to be executed based on an integrity check. For example, a command could be written to automatically execute to restore the last known good back up of a file if a change is detected.






  • Enables customization through user-defined responses to Tripwire integrity checks
  • Can be used to extend Tripwire reporting and notification capabilities
  • Could be used to implement "restore object upon violation" functionality
  • Could be used to automatically isolate a machine from the network if suspicious activity is noted
XML & HTML report exporting:.
Description
Benefits
  • Tripwire reports can be generated in XML and HTML formats, in addition to the standard plain text



  • Easy viewing of reports via a Web interface
  • Enables customization of report presentation/format
  • Allows the user to leverage the large number of available XML tools for viewing and/or parsing Tripwire integrity check results
Hashing algorithms:.
Description
Benefits
  • Monitors integrity of file contents with four hashing algorithms (MD5, HAVAL, SHA, and/or CRC-32)


  • Enables complete integrity assessment of each file and attribute
System Attributes:.
Description
Benefits
  • Monitors 29 object properties and 21 registry keys/values on Windows, and 21 object properties on UNIX
  • Detects changes or malicious attacks that only change file attributes, i.e. alternate data streams
SSL communication:.
Description
Benefits
  • Secure communication link to Tripwire Manager via Secure Sockets Layer (SSL)


  • Data exchanges are encrypted for maximum security
  • Authenticates all Tripwire for Servers nodes across an enterprise
Product security:.
Description
Benefits
  • Tripwire database, policy and optional report files can be cryptographically signed with 1024-bit signature
  • Default policy file monitors Tripwire binary files
  • ACLs monitored on both Windows and ACL-supported UNIX systems
  • Allows safe storage of these files on the host machine which eliminates the need for removable media for the database and policy file
  • Detects any unauthorized tampering
  • Prevents changes being made to ACLs without the administrator being aware of it
Email reporting:.
Description
Benefits
  • Administrators can choose to be notified of integrity violations via email


  • Convenient access to violation reports
  • Sends the right reports to qualified recipients
  • Supports proactive measures to prioritize and remedy violations
Severity ratings:.
Description
Benefits
  • Files can be designated with individualized severity levels


  • Helps quickly identify critical system files and take action when necessary
  • High-severity files can be selected for immediate viewing
5 reporting levels:.
Description
Benefits
  • Reports can be generated using 5 different levels
  • Customizes the amount of detail seen in each report
  • Speeds identification and evaluation of integrity violations
Syslog output:.
Description
Benefits
  • Sends level 0, 1 and 2 reports along with the severity level for each detected violation to the syslog
  • Writes directly to the syslog and sends syslog reports to other management systems for operational integrity alerting
  • Writes to Solaris kernel log and NT security event log
SNMP traps:.
Description
Benefits
  • Sends single-line integrity alert via SNMP traps
  • Integrity events sent via SNMP traps enable integration into other enterprise management systems and reporting packages
Automated Report Archiving:.
Description
Benefits
  • Automates archiving of reports when new change information is found for each Tripwire for Servers agent


  • Ensures that all new change information is backed up and archived
  • Eliminates the manual process of archiving reports, thus saving time for the end user
  • Lowers the cost of compliance reporting
Accept All Changes:.
Description
Benefits
  • Provides one-click functionality to update the Tripwire for Servers database for all selected servers



  • Decreases the number of steps to update changed objects in the database for any number of machines
  • Shortens workflow to approve all changes
Approve By Template:.
Description
Benefits
  • Use a manifest (Tripwire binary report file or any plain text list of file names) to quickly verify that the same changes were applied to any number of other servers.







  • Reduces unplanned work by discovering out-of-band changes
  • Ensures configurations conform to policies
  • IT staff efficiency is increased because they don't spend time investigating expected changes, and availability is increased because Tripwire directs them to investigate undesired changes as their top priority
  • Increases system availability by insuring only expected changes are made to multiple systems
Graphical user interface:.
Description
Benefits
  • View reports, build or modify policy files, create schedules and distribute files all through a graphic interface




  • Easy to use
  • Simplifies navigation, reporting, and supervising integrity functions
  • Color-coded icons quickly identify systems with severe violations
  • View Tripwire help files within chosen default web browser
Centralized reporting:.
Description
Benefits
  • All reports from all machines can be viewed and managed from a central console
  • Print reports with pie charts and change summaries for executive review
  • View multiple reports from multiple operating systems















  • Eliminates need to manually monitor each installation
  • Saves time by prioritizing changes/violations
  • Reduces management costs
Replicate integrity system:.
Description
Benefits
  • Enables creation of a master copy of an established "integrity system" and duplication of it out to any number of other machines
  • Provides an easier mechanism for verifying multiple systems against a single "golden baseline"
  • Users can deploy a specific integrity system to groups of machines




  • Reduces configuration drift and ensure conformance with policies
  • Strengthens Tripwire's ability as a policy compliance and configuration management application
Patch/software rollout verification:.
Description
Benefits
  • Rapidly verifies the successful rollout of identical patches and other software to multiple machines




  • Reduces unplanned work by ensuring changes go through desired tools and process
  • Dramatically improves the validation of patches on a number of machines
  • Organizes reports so the user has an easier way to verify files on specific machines
  • Speeds database updates