Tripwire recently announced the release of Tripwire Enterprise (TE), version 9.0, Axon Agent 3.27, and TE Agent 9.0.0. While the full list of features may be viewed on our web site, as a product manager, I wanted to take some time to introduce some of the changes in this new release.
What’s new in Tripwire Enterprise 9.0?
The first significant change is in the appearance of the interface. We removed the orange button from the top right of the window, which many people didn’t like, and the entire graphics have been given a makeover. Our customers requested a more modern look to the software, and we listened. We changed the look without disrupting usability, keeping all of the buttons in the same locations and retaining the same names. It’s a new interface without interrupting any of the workflows. This makes the transition from the earlier version to the new version as seamless and smooth as possible. In fact, the updated colors and fonts are actually more readable than before.
There were in total a little over a thousand updates made to the user interface for TE 9.0. Along with the new fonts and colors, the icons have been updated to add consistency as well. We created an icon system where there are fundamental elements. A rule has a particular icon, and a file system shows a set of folders in the bottom right corner, and a registry rule has the Windows logo in the bottom right corner of the window. Even the command output capture rule is updated, represented as a command prompt in the bottom right corner of the display. The icon designs make everything fundamentally consistent across every page of the interface throughout the entire product. In the earlier version, there were hundreds of icons in the product. We have reduced that to less than 100, which increases the speed of visual familiarity between elements. We focused heavily on the usability aspect without changing the workflows our customers are familiar with.
More important than the visual appeal, of course, are the functional changes as well. Conceivably, the most frequent administrative task is not in the console, but in keeping the endpoint monitoring updated to match the deployment of new servers and workstations. The agent installations are where many customers spend most of their time. For example, the Axon agent installation for Red Hat Linux required multiple files, executed in a particular order. A seasoned Linux administrator may be comfortable with the process, but it was not the best method for someone who does not spend their time operating Linux systems.
The agent now consists of a single download bundle direct from the console which includes the preconfigured settings to communicate back to the same TE console. Even more interesting is that TE 9.0 includes the Axon agent as part of its core system, which means that it doesn’t get pulled down from the internet. This makes it easy to deploy on both an air-gapped system, as well as a fully internet-connected system. This is known as the zero configuration agent, relieving our customers of what was once the most burdensome task when a new system was introduced into an environment. With the zero configuration agent, the task can be automated more reliably leading to less maintenance time and more efficiency.
Log management has also been better integrated in TE 9.0. Configuration options have been added, giving the ability to customize the logs before they are transmitted to Splunk, ArcSight, or whichever SIEM you use. Different fields can be included in log messages, offering a more complete and thorough set of data for these log events coming out of TE. Individual control at a per-field level is available thanks to the new Common Event Format (CEF) messages. For example, if you prefer to exclude the node name, a simple click of a box to deselect the name is offered. The same is true of user Identifiers, and TE console information as well. The ability to customize this completely is radically different from our earlier focus, which expands the functionality for the customer.
This is the first of many new functionality updates coming in TE, specifically about getting data out of Tripwire Enterprise. Future updates will include more log customization capabilities. We want to make the information collected about your systems available wherever it's most meaningful in your environment, in whatever format is the most helpful and actionable to your teams. We want to reduce the amount of time spent configuring TE so it works as best as possible for your environment. We want you to extract value from it with the minimum amounts of difficulty. This is the primary focus in our strategy and focus going forward. We are also starting on the effort to embed many apps that were previously add-on products with separate installations and configurations—further improving your time to value with TE 9.0 and the future releases.
We are also working to make a very large shift towards updating the agents and the console for a lot of new cloud functionality in upcoming releases. This includes monitoring cloud assets with new options, such as pulling tags for EC2 instances in AWS, or better classifying your assets in a hybrid or cloud first deployment. This will enable our customers to have better ways to understand the structure of their cloud environment, what assets are there, what is being monitored, and how to configure that monitoring. Then, we'll start looking at monitoring the cloud accounts and containers as an additional type of monitoring that we don’t simplify today.
Tripwire Enterprise 9.0 represents more than just a new version of our flagship product. It is a new focus towards better functionality, easier configuration, and new features, all with our customers in mind and based on feedback they have given us.