Tripwire ExpertOps FAQ
Q: What certifications does the Tripwire® ExpertOpsSM data center hold?
A: PCI DSS and SOC2. Copies are available upon request.
Q: Who is my Managed Service Engineer (MSE)?
A: A certified Tripwire Managed Service Administrator
Q: What type of training does the ExpertOps Administrator have?
A: The MSE Team all hold formal Tripwire Enterprise Engineer Administrator Certifications, as well as, several other industry endorsements.
Q: Will we still need Tripwire product training?
A: It is not necessary, but may provide additional insight into the solution capabilities.
Q: What is the difference between a Tripwire on-prem software instance and Tripwire ExpertOps?
A: Tripwire on-prem software instance is hosted on your infrastructure and managed by your staff. All updates/quality control are the responsibility of your corporation or organization.
Tripwire ExpertOps provides separate Tripwire instances in a hosted environment cloud under specific security certifications (PCI and SOC2), includes an expert/ trained Tripwire Administrator, and completely maintains the environment and updates.
For more specifics please see Tripwire ExpertOps Service Terms.
Q: Does Tripwire ExpertOps run different versions of Tripwire software than on-prem?
A: Tripwire ExpertOps always runs the latest available version of Tripwire solutions. In contrast, most on-prem deployments tend to be one to two versions behind.
Q: Can I access my Tripwire reports any time?
A: Yes, Tripwire reports are available thru our ExpertOps Portal or directly via your corporation/organization’s ExpertOps Console to authorized users 24/7.
Q: Where does my data reside?
A: Collected data resides in your separate instance in ExpertOps hosted environment.
Q: Who owns my data?
A: The client does and has access 24/7. Upon request, data can be made available for download.
Q: Will my data be comingled with other clients’ data?
A: No. Each client has their own separate Tripwire ExpertOps instance.
Q: I am a current on-prem client who wants to transition to ExpertOps; what happens to the data contained in my current Tripwire instance?
A: We recommend that you maintain the instance for historical purposes, dependent upon your corporation risk/security data retention policies.
Q: I am a current on-prem client, can I use any of the configurations within my current instance?
A: Typically yes, but should be reviewed/ discussed with your ExpertOps Management Team.
Q: How many policies can be used to monitor my infrastructure?
A: This will depend upon the contracted level of ExpertOps with the corporation or organization. Please read the Tripwire ExpertOps Service Description for details.
Q: Can I use my own customized policy?
A: Yes, depending upon the contracted level of ExpertOps with the corporation or organization. Please read the Tripwire ExpertOps Service Description for details.
Q: Does ExpertOps this include File Integrity Monitoring?
A: Yes, every instance of Tripwire ExpertOps includes FIM and SCM capabilities.
Q: Does ExpertOps support two-factor authentication?
A: Yes, ExpertOps requires two-factor authentication and is provided.
Q: What is included in onboarding?
A: The onboarding process is treated as a focused project, coordinated by the Managed Services Team. Specific tasks included will vary, dependent upon the contracted level of ExpertOps with the corporation or organization.
Q: What is required for my corporation/organization connection to the ExpertOps environment?
A: A virtual proxy appliance will be provided for deployment so as to establish the VPN connection back to ExpertOps.
Q: What teams need to be involved in initial deployment?
A: Multiple teams from within the organization may be involved. Agents will need to be deployed on all target assets, a virtual image needs to be imported and configured, and specific network ports will need to be opened. The security team should also be involved to ask questions around any concerns with the proxy appliance or connection into ExpertOps.
Q: Who deploys the agent?
A: Clients are responsible for deployment, or optionally the client may enlist Professional Services.
Q:What compliance certifications does ExpertOps hold?
A:The ExpertOps environment is PCI and SOC2 certified.
Q:What is the proxy appliance?
A: The proxy appliance is a hardened Linux image that securely forwards information from a customer’s environment into their specific hosted instance.
Q: What type of connection is established between the proxy and ExpertOps hosted environment?
A: The proxy establishes an IPsec connection.
Q: Does ExpertOps support monitoring of my network devices?
Yes, see Tripwire Enterprise System Requirements and Supported Platforms.
Q: Which network ports does the appliance use?
A: Please refer to the diagram below.
Q: Where is the ExpertOps environment located?
A: Currently, ExpertOps is hosted in an US-based cloud environment.