Tripwire Enterprise is a security configuration management suite whose Policy Management, Integrity Management, and Remediation Management capabilities stand-alone or work together in a comprehensive, tightly integrated SCM solution.
Five Key Features:
  • Change-triggered Configuration Assessment
  • World’s Best File Integrity Monitoring
  • Achieve Continuous Compliance
  • Integrate SCM into IT Security Operations
  • Visualize and Report SCM Results to Communicate & Mitigate Risks

Our version is 8.3. Here are some basic steps to configure a new network device node in the Tripwire Enterprise 8.3:

1. Add a new node:

Assigned to Custom type Cisco which gives more flexibility.

Enter correct username and password.

Important part is to give right maker and model information to get it auto assigned into smart group.

This screenshot shows the new node assigned to right Cisco Nexus 5000 group.

2. Do a check or baseline to new node with proper rule. 

In this example, I used Cisco IOS configuration Rule which is to run Show Running-Config command

3. Rules. 

Create a new rule for your device. Using Network Device -> Common -> Command Output Validation Rule template:

In the rule, put proper command just as following screenshot shows:

Next Screenshot shows how to check Checkpoint rules.C

Another thing in the rule is Target Node Type.

4. Report

Create a report based on a report template.

5. Task.

Schedule a task to send the report to your email.

By Jon

Leave a Reply