Professional Documents
Culture Documents
Tripwire S&O
Tripwire S&O
white paper
The Need for Complete Stable business operations rely on both security and the
ability to manage desired and undesired change. In short,
Coverage for Detecting they rely on integrity assurance best practices—best
Change in the Data Center practices that form the foundation for the configura-
tion assessment and change auditing provided by Tripwire
Numerous change and configuration management solutions
Enterprise.
are available for pre-approving and scheduling requested
changes such as device reconfigurations, software patches, 1 Tripwire Proactively
Assesses Configurations
and upgrades. However, when it comes to detecting and Across the Data Center Enterprise
Risk Profile
analyzing unwanted changes on systems after they occur,
Are you
most organizations have no solution in place or expect within policy?
traditional security tools—perimeter defenses, authentica-
tion servers, and physical measures—to handle the risks
unauthorized changes introduce. This is where well-intended 2
security efforts fall short. Most security solutions assume Known,
Trusted &
that changes are the result of activities by malicious out- 3 Compliant
Tripwire
Take Action State
siders. In truth, industry analysts IDC and Gartner Group detects all
change
Remediation
estimate that 70 to 80 percent of all change resulting in Reconciliation
Reports Are changes Are changes
downtime or reduced operational capabilities is initiated by
compliant? authorized?
people within the organization, and most of those changes
Tripwire delivers immediate value to your compliance efforts by
are accidental or unintentional. As a result, many tradi- assessing every change as authorized, within policy and compliant
tional security solutions cannot detect internal changes, with operational, regulatory and security standards.
Circumventing Attacks
Proving Compliance: The Need Security systems have difficulty fending off malicious denial
for Trusted Audit Data of service (DoS) attacks. DoS attacks can flood servers
and networks with traffic or modify system configura-
The ramifications of limited visibility reach beyond having
tions in order to deny access to legitimate users. According
to deal with an attack or outage. Most large organizations
to information released in October 2001 from the U.S.
perform regular audits of their IT systems, and many must
government-funded Computer Emergency Response Team/
demonstrate compliance with outside regulators, agencies,
Coordination Center (CERT/CC), DoS attacks are increasingly
and even customer requirements. Visibility of all change
focusing on routers, which can be easily taken over when
activity—with associated metrics—is quickly becoming an
poorly configured or administered.
poorly managed servers can leave the door wide open to 2 Best Practices for Operational Change Management. Gartner Group,
March 6, 2003.
malicious attack and the resulting costly consequences.
3 Expert: Router holes threaten Net. CNETNews.com, February 28, 2003.
Organizations preparing for next generation security archi- 4 Managing Application Security From Beginning to End. Forrester
tectures are now moving to develop proactive application Research, August 2007.
www.tripwire.com
© 2008 Tripwire, Inc. | Tripwire is a registered trademark of Tripwire, Inc. All other product and company names are property of their respective owners. All rights reserved. | WPGS8