 |
 |
I'm assuming at least some of you have experience with Tripwire software in some form or another. For those of you who don't have experience with it, it's purpose is integrity verification. The whole idea is that it takes snapshots of your system and then compares the snapshot with a previously taken baseline picture. Knowing this information is great for both security purposes, and change management. The security uses are pretty obvious, but we've also used it to determine (with a reasonably high certainty) whether patches really were applied to a server. We've been using the commercial version of Tripwire for seven years now, on both Windows and Unix variants. Our current Tripwire installation is on our highest-value assets. As part of our ongoing security efforts we have been funded to expand this effort to all of our AIS-owned devices in our datacenter. When we talked with the vendor about this, we learned that there were a couple of other units on campus that were going to be investing in Tripwire in the near future. Additionally, the vendor mentioned that with the three prospective purchases we would be over half way to a site license for the entire campus. The site license would be for the entire Tripwire suite, which includes the ability to detect change in: Network Devices - Switches / Routers / Firewalls / IDP / IPS Windows Servers Unix/Linux Servers Desktop Workstations Databases - currently just Oracle, MS SQL and MySQL are supposed to be in the works. Directory Services - Active Directory, Sun Java System Directory, Novell E Directory Additionally a central management system is included in the site license -- which can be deployed multiple times, meaning each unit could have their own management system and/or there could be a central deployment. With that being said, we're in the real preliminary stages of this, and I wanted to poll campus and see if anyone else might be interested in this product. I'm assuming a site license would be managed through the MSU Computer Store, but once again, we're nowhere near that point. I'm just trying to find out if other people might be interested in this, and if it's worth the effort of moving forward on the possibility of a site license. Additional information on Tripwire Enterprise can be found at: http://www.tripwire.com/products/enterprise/index.cfm . Also, if you have any questions feel free to ask. Thanks, and let me know if your department could be interested, -tim ________________________________ Timothy D. First, CISSP, MCSE Information Technologist III Michigan State University Administrative Information Services [log in to unmask] (517) 353-4420 x335 Fax: (517) 355-5176