Read this white paper to find out the first solution to effectively combine configuration assessment and file integrity monitoring, enabling automated and sustainable configuration control throughout virtual and physical infrastructures.
File Integrity Monitoring:
Compliance and Security for Virtual and Physical Environments
white paper
Configuration Control for Virtual and Physical InfrastructuresContents
3 Executive Summary 3 An Increased Need for Visibility into IT Configurations 4 What is File Integrity Monitoring? 4 Establishes a Baseline 5 What's Being Watched? 6 Why Do Organizations Need File Integrity Monitoring? 7 A Checklist of Product Requirements 13 Configuration Assessment: Beyond File Integrity Monitoring 13 Tripwire-Complete Configuration Control 14 Tripwire-The Key to Complete Coverage
2 | WHITE PAPER | File Integrity MonitoringExecutive Summary
Today's organizations rely on numerous devices and applica- industry and expert-recommended best practices and standards tions in their physical and virtual IT infrastructure to carry such as the Payment Card Industry Data Security Standard (PCI out their everyday business. When these devices are configured DSS), the Center for Internet Security (CIS) benchmarks, or improperly, whether as a result of malicious hacker attacks or VMware Infrastructure Hardening Guidelines, provide visibility inadvertent employee modifications, the IT infrastructure may into the state of your IT configurations and deliver prescrip-be exposed to security risk that leads to service outages and tive remediation guidance to help achieve a known and trusted theft of sensitive customer or organization data. state. When seamlessly combined with a file integrity monitoring As a means of combating issues caused by improper change, solution, organizations gain control of their IT infrastructure organizations employ file integrity monitoring solutions to keep configurations and maintain its trusted state.an eye on a variety of files associated with the IT infrastruc- Tripwire's industry leading configuration assessment and file ture, including configuration files, registry files, executables, integrity monitoring software solutions enable IT organizations and more. Many of these solutions first establish an authorized to achieve and maintain configuration control. With industry-baseline configuration, which represents the known and trusted leading policies for comprehensive infrastructure elements state of a system. The solution then monitors these files for and platforms, Tripwire® Enterprise is the first solution to any change that diverges from the established baseline con- effectively combine configuration assessment and file integrity figuration and alerts IT when changes are detected. IT can then monitoring, enabling automated and sustainable configuration determine if the change is a good change or an undesirable one control throughout virtual and physical infrastructures. and take any necessary corrective measures. Some file integ-rity monitoring solutions can automatically reconcile changes An Increased Need for against pre-defined parameters to help streamline the change management process. Visibility into IT ConfigurationsAt a minimum, a file integrity monitoring solution should be The IT infrastructure of an organization, whether public, able to establish a baseline, monitor for configuration change private, or governmental, may have hundreds or even thou-relative to the baseline, determine if change is planned or sands of servers, devices, applications, and other elements that unplanned, alert when unplanned change occurs, and provide support its everyday business processes. And more and more, detailed information to help IT remediate any improper chang- organizations are beginning to deploy virtual environments es. Using a detailed requirements checklist can help ensure into this infrastructure. But for the organization to benefit you've chosen the right integrity monitoring solution for your from these infrastructure elements, whether physical or virtual, IT infrastructure. each must be configured properly. That is, the files associated But file integrity monitoring is only half of the configuration with each element must have settings that reduce the risk of control story. Without first verifying the integrity of the IT infra- security breaches, optimize operations, and help achieve com-structure, the likelihood that those changes will have a negative pliance with relevant regulations and standards. File integrity effect increases. Configuration assessment solutions address the monitoring helps IT ensure t... [download for more]
