Solutions > Industry > Defense and Intelligence
Achieve Compliance with DoD Instructions

Solution Brief

DoD Instruction 8500.2, Information Assurance (IA) Implementation Download now

Director Central Intelligence Directive 6/3 (DCID 6/3)
Download now

Army Regulation 25-2 (AR25-2)
Download now

Industry-specific solutions to meet your specific needs.

WHITEPAPER

Discover how to achieve and maintain FISMA compliance to ensure security of systems and data.

Download now

WEBCAST

Make Change and Configuration Management Processes Auditable and Effective

Register today

Trade shows

See Tripwire solutions in action at an event in your area.

More >

Tripwire for Servers creates a baseline of your system and configuration files, then detects and pinpoints changes and reports them to you. Tripwire enables your IT staff to determine what changed, when it changed, how it changed, and who changed it. This change detection information can be used for:


  • Satisfying compliance directives for maintaining system integrity and tracking changes from a baseline
  • Change detection and verification in a change management environment
  • Verifying the integrity of your other security products, detecting if they've been compromised

Tripwire for Servers identifies changes to system attributes including hash values, file size, access flags, access time, write time, ACLs, inode number, security descriptors and more, and displays them in easy-to-read reports. If you need to know and need proof of the changes to system and configuration files, Tripwire is the industry standard.

"It's common knowledge that if you want to do baselining and detect changes that you need Tripwire."
- Integrator doing 8500 compliance work

Tripwire software satisfies the following areas of DoD Instructions 8500.2 - Information Assurance Implementation for MAC 1 systems


  • Security Design and Configuration Integrity

    • DCFA-1 - Functional Architecture for AIS applications
    • DCPR-1 - CM Process Integrity
    • DCSS-2 - System State Changes Integrity
  • Enclave and Computing Environment Integrity

    • ECCD-2 - Changes to Data
    • ECND-2 - Network Device Controls Integrity
    • ECRG-1 - Audit Reduction and Report Generation
    • ECSD-2 - Software Development Change Controls
    • ECVP-1 - Virus Protection

For full descriptions, click here

References

Tripwire configuration audit and control have been implemented in almost every Federal Cabinet-level agency. Click here to view the list.

Tripwire is Common Criteria Certified and recommended as a best practice by SANS, CERT, and leading security advisory groups. Tripwire is featured on page 30 of the NSA's 60-Minute Security Guide, which you can download here or read this excerpt.

1.800.TRIPWIRE (1.800.874.7947)
Extension 519 for DOD Inquiries
Extension 615 for Civilian Inquiries