Tripwire Enterprise
Tripwire, www.tripwire.com
Ralph Waldo Emerson said, "A foolish consistency is the hobgoblin of little minds" -- but certainly maintaining consistent system configurations is a serious matter to diligent security managers. That's why Tripwire Enterprise, which provides a 24/7 real-time window into network change management, won the gold medal for network security management.
"It's a great set of electronic eyes," says Steve Kirschbaum, CISO for Openwave Systems, which develops cell phone software for large telecommunications firms. "It has robust monitoring capabilities. We have more visibility into the Web infrastructure and critical servers; we can do more remotely."
In its initial deployment, Openwave used Tripwire to monitor its FTP site for delivering software to customers. Tripwire's ability to monitor the site in real time allows the company to claim revenue as soon as the software is posted. Further, the detailed and accurate audit reports give Kirschbaum peace of mind for regulatory compliance,
especially SOX.
Before Tripwire, "It was pretty spotty, notifying the client and notifying finance. It wasn't always accurate. With SOX, accuracy is big," Kirschbaum says. He is planning a more extensive rollout to monitor and produce reports on Openwave systems and development organizations in Europe and Asia.
Tripwire came out on top in a diverse, complex category. Network Security Management encompasses not only change control, but security information and event management, policy management and security device management.
Tripwire Enterprise monitors files, directories, registry settings, directory server objects, and configuration files on file and directory servers and network devices.
This provides sweeping change control coverage across the organization, giving security managers timely notice about which systems have fallen out of compliance -- through unreported installations, configuration modifications or attacks --and confirming that authorized changes have indeed taken place. Tripwire provides detailed reports that verify system integrity or give staff the information they need to investigate and remediate noncompliant devices. It can be integrated to direct third-party tools to automate remediation.
Kirschbaum, who had extensive experience with Tripwire at a previous job, looked at competitive products, but says Tripwire has a good brand name, and that he's sold on its "great customer service."
And he had an important ally. "It gave us exactly what our business required," he says. "Our finance people requested it by name."
ePolicy Orchestrator
McAfee, www.mcafee.com
Making diverse security tools play beautiful music together, Orchestrator centrally manages McAfee security products, correlates data and detects rogue systems. Users like its performance and security.
eTrust Security Command Center
CA, www.ca.com
Like an enterprise General, eTrust Security Command Center puts combined arms to work, correlating security data and integrating with vulnerability assessment and remediation tools.
