Tripwire for Servers 4.5, Tripwire Manager Announced

Enhanced change-verification capabilities increase network availability by exposing unintended changes, circumvented change management processes, and security compromises

PORTLAND, Ore. — July 27, 2004 — Tripwire®, Inc. announced the availability of Tripwire for Servers and Tripwire Manager versions 4.5. Together, the products identify unintended changes to server file systems and configurations, circumvented change management processes and potential security compromises by enabling organizations to first validate and then approve pre-tested and authorized changes. Through broader integration with leading enterprise management systems (EMS), now including Remedy Action Request System®, as well as change approval and policy tuning enhancements, Tripwire strengthens the ability to control change and maximize network availability, reliability and security.

Tripwire for Servers and Tripwire Manager detect and expose unintended changes, circumvented change management processes and compromises to security. Enterprises implementing Tripwire for Servers experience greater availability, more reliable systems security, and verifiable compliance with internal policy and regulations. Tripwire Manager enables secure, centralized management of Tripwire for Servers installations across the enterprise.

“Human error is the major cause of infrastructure problems, unplanned downtime and interrupted revenue,” said Stephen Elliot, senior analyst of Network and Service Management at IDC. “IT departments can avoid this self-inflicted damage by expanding detection and monitoring controls to include automatic notification of unauthorized and unintended changes.”

“While many companies deploy change management processes and systems to track, assign and manage changes across their IT and Security environments, they often lack the ability to enforce and authorize change verification. This inability is wreaking havoc on businesses, resulting in unreliable or unstable systems and service downtime,” said Jim B. Johnson, CEO of Tripwire. “Tripwire fills this critical gap by providing broad and independent resolution of IT infrastructure changes.”

New features in version 4.5 allow organizations to independently verify successful patch and software application deployments, avoiding unintended or unexpected results. Through integration with EMS systems such as HP Service Desk and Remedy AR System, intended changes can be documented within change tickets and those tickets closed only when actual results match authorized changes, enforcing the change management process and easing the burden of documentation. Key features include:

  • Approve by Template: Enables users to quickly and easily approve intended changes, such as network-wide patch or software deployments, by comparing the actual changes detected on target servers with a pre-determined set of expected changes created by testing or staging changes before they are deployed onto production servers.

  • Integration with Enterprise Management Systems: Tripwire adds Remedy AR System to its growing list of packaged enterprise management systems integrations. Sold separately as the Tripwire Manager Integration Toolkit for Remedy AR System, it takes full advantage of a growing number of Tripwire actions that can be executed by third party software packages. This toolkit extends and complements existing investments in change management tools by performing common tasks such as checking for changes, viewing change reports, and displaying and archiving various Tripwire for Server files. This automates common change management workflows to make validating authorized changes easier and more meaningful.

  • Enhanced Policy Editing: Provides an intuitive way to edit policy files directly from the Report Viewer in Tripwire Manager. While viewing reported changes, a user can select an item in the report, go directly to the related rule in the policy file and make the necessary edits. Alternatively, the user can exclude the rule entirely, increasing the effectiveness of change reporting through easier tuning of policy files and dramatically reducing time spent editing policy files.

  • Approve by Severity: Gives users a fast and convenient method to update changes that are of low importance. Users now have a simple way to approve violations based solely on their severity levels. Severity levels give users a means to prioritize files or groups of files by levels of importance. By selecting a range of severity levels, the user can quickly approve all detected changes that match the criteria in one step.

  • Verify Site and Local Passphrase: Allows Tripwire Manager users to verify that TFS site and local passphrases have not been altered or corrupted. The user can request to verify these passphrases at any time. This not only improves product security, but also assures users that Tripwire for Servers software and passphrases have not been compromised.

About Tripwire for Servers with Tripwire Manager

Tripwire for Servers with Tripwire Manager is a Change Monitoring and Analysis system that provides IT system administrators with the ability to report on in-depth file system changes on Windows and UNIX servers. Information regarding changes to the system is reported and integrated with other security and enterprise management systems to provide IT administrators and managers with information to answer the fundamental question that is asked when servers go down or do not operate properly: What changed? This enables increased server security, accountability of changes and improved visibility of authorized and unauthorized changes, which ultimately delivers higher availability of IT services.

About Tripwire, Inc.

Tripwire, Inc. is a leader in change monitoring and analysis. For more information visit: