Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
TRIPWIRE®
CONFIGURATION
COMPLIANCE MANAGER
HIGHLIGHTS TRIPWIRE CONFIGURATION
»» Asset Discovery—Find all COMPLIANCE MANAGER 5.17
the IP-addressable assets ASSET DISCOVERY, CONFIGURATION AND PATCH COMPLIANCE
within your environment AUDITING, RISK AND PRIORITIZATION REPORTING
and create a hardware
and software inventory Enterprises in many regulated industries firewalls, desktops, laptops, servers and
»» Configuration Compliance must comply with rapid regulation and printers. Tripwire CCM then enumer-
Audit—Agentlessly assess compliance updates and increasingly ates the configuration and applications
and audit compliance of complex audit requirements. Global discovered on each system and provides
network infrastructure devices compliance standards in 2014 under- detailed information on thousands of
and other key systems went over 40,000 compliance updates. configuration variables. It identifies
In addition, increased risk from escalat- and assesses virtually everything on
»» Patch Compliance Audit— ing cyber threats brings significant new the network, from routing table entries
Assess what patches have challenges to enterprise compliance, IT and access control lists to antivirus and
been applied and know what Security, and IT Operations teams. system logging status, all without requir-
is missing or available ing agent software on the endpoints.
»» Audit-Ready Reporting Challenges include:
and Dashboards—Different, »»Compliance Policy Change CONFIGURATION
flexible views of compliance and Complexity COMPLIANCE AUDIT
and audit data based on role »»Gap Analysis Tripwire CCM audits each system’s
»»Limited Resources configuration and compares any
»»Sustaining Audit configuration changes with relevant
»»Growing Cybersecurity Risk best practice and industry standard
»»Financial Risk policies from NIST, CIS and Microsoft.
»»Increasing Audit Costs and Tripwire CCM also provides policies
Short Timelines for specific regulations such as PCI,
SOX, HIPAA, NERC CIP and more.
THE TRIPWIRE CCM SOLUTION
Tripwire® Configuration Compliance The current release of Tripwire CCM
Manager (CCM) delivers innovative significantly increases Linux policy
agentless compliance and security coverage by incorporating over 100
audit that has proven to be light touch Tripwire Enterprise Linux policies.
on most enterprise infrastructure and
quickly provides value and insight PATCH COMPLIANCE AUDIT
through a risk-prioritized view of enter- Patch compliance auditing is a criti-
prise compliance and security posture. cal step in reducing security risk and
achieving compliance. Tripwire CCM
TRIPWIRE CCM CAPABILITIES includes a powerful audit capabil-
ASSET DISCOVERY ity to find missing and unapplied
Upon installation of Tripwire CCM, patches. Whether managed through
asset discovery can be rapidly enabled the Tripwire CCM console or an easy-
to discover all IP-addressed active assets to-use report, you can quickly identify
such as routers, switches, gateways,
Configuration Compliance Easily assess network infrastructure devices, desktops and servers for audit compliance, with visualized and
Audit actionable color-coded prioritization.
File and System Integrity Most compliance standards require some type of file and system integrity monitoring for assets “in-scope.”
Monitoring Tripwire CCM’s monitoring is on-demand or scheduled, and provides change deltas from prior assessment,
giving trends and insight as to how the environment is maintaining compliance.
Patch Compliance Audit Know if your critical systems have the latest security patches applied and fulfill many compliance requirements
to keep systems current, patched and hardened against possible cybersecurity threats.
Audit-Ready Reporting and Different audiences within the organization need different views of compliance, trends and audit data;
Dashboards Compliance, IT Security, IT Operations, and executives all have specific information needs that can be flexibly
and visually presented based on roles.
Continuous Compliance Overall these capabilities combine to help enterprises achieve continuous compliance rather than a highly
variable status as they prepare for “point-in-time” compliance, and has been shown to reduce compliance and
audit readiness costs by 25–40%.