Tripwire Enterprise Server

boundlessbazaarΔιακομιστές

9 Δεκ 2013 (πριν από 3 χρόνια και 10 μήνες)

196 εμφανίσεις

Tripwire Enterprise Server


Getting Started

Doreen Meyer and Vincent Fox

UC Davis, Information and
Education Technology


June 6, 2006

Tripwire Topics


Introduction


Demonstration


Product description


UC Tripwire license


Hardware requirements


Tripwire Topics


Documentation


How to ….


Server deployment considerations


Next steps


Contact information


Introduction


What is Tripwire?


Why use Tripwire?


Is it difficult to deploy Tripwire?



What is Tripwire?


Tripwire Enterprise audits changes by
detecting all changes, reconciling
these changes with authorized
changes, and reporting on change
activity. Agents can be any platform,
including network devices like switches
and routers.


Why Use Tripwire?


Monitors ‘important’ file and registry
values and properties (like access
times, flags, owner, etc)


Enables Admins to detect files that are
added, modified or deleted


Provides a history of what changes
during patching

Is it difficult to deploy?


Training sessions are helpful


It will take time to tune the rule set for
your systems


You will need to incorporate Tripwire
steps into system change and patching
procedures as well as daily log checks


Demonstration

(Typical uses of server)

Product Description


Versions


Components


Operating Systems
-

Server


Operating Systems
-

Client

Versions


Tripwire for Servers/Tripwire Manager


Tripwire Enterprise 5.2 (5.5 just
released). Adds reporting, multi
-
user,
hosts + network devices

* This course focuses on Tripwire
Enterprise


TE Components


*File Server


*Network Devices


Desktop


Directory (Active Directory, Sun One)


Database (Oracle)

* = UC licensed component

What can it operate on?

Server Platform


Solaris [sparc] 8, 9,10


Windows 2000 Server


Windows 2003 Server


Red Hat Linux Enterprise 3, 4 AS & ES

Operating Systems
-

Client


Windows NT 4.0 SP6a


Windows XP Professional (Service Pack
2)


Windows 2000 Professional & Server
(Service Pack 4)


Windows 2003 Server (Service Pack 1)


Windows 2003 Server x64 Edition
(Standard, Enterprise & Datacenter)

Operating Systems
-

Client


Solaris [sparc] 8, 9,10


Red Hat Linux Enterprise 3, 4 AS & ES


IBM AIX 5.1, 5.2, or 5.3


HP
-
UX 11, 11i v1, 11i v2


SUSE Linux Enterprise Server 9


Cent OS 4.2


Fedora Core 2

UCOP Tripwire License


UCOP License


Product options


How to request the software

UCOP License


UCOP license, 5000 licensed nodes


Funded through April, 2007


IET subsidized the campus license,
$10,000.00 for three years


Software Licensing will work on a
future license agreement

Requesting the Software


Fill out the form available on the
software licensing web site


Dept name


Requester information (contact info for
person who will be receiving the
license)


License exchange or new license?

Requesting the Software


Server housing DB and web interface:
Tripwire Enterprise Server. Order 1.


Clients that will be monitored:
Tripwire Enterprise Server/FS. Order
1 for each client.


Network devices that will be
monitored: Tripwire Enterprise
Network Device. Order at least 1.


Requesting the Software


Email your request to
software@ucdavis.edu

before 3:00 PM
on June 7 to receive the software
license and download URL by June 9.


The download URL will allow you to
generate a certificate for the server
and download the software.

Hardware


Server Requirements
-

Windows


Server Requirements
-

Solaris


Server Requirements
-

Linux

Server Requirements
-

Windows


3.0 GHz x86 processor or compatible


2 GB RAM


2 SATA or SCSI hard drives


3.2 GB free disk space


4 GB Data storage space


256 color display

Server Requirements
-

Linux


3.0 GHz x86 processor or compatible


2 GB RAM


2 SATA or SCSI hard drives


3.2 GB free disk space


4 GB Data storage space


256 color display

Server Requirements
-

Solaris


900 MHz UltraSPARC III processor


2 GB RAM


2 SCSI hard drives


3.2 GB free disk space


4 GB Data storage space


X
-
Windows capable display


256 color display

How To …


Acquire and download software


Install server software


Change passwords


Secure your tripwire server

Getting Tripwire software


Upon licensing you will be sent a link
in email to your products, follow this
link.


Download te_server and all agents.
The server zip file will also contain all
documentation files.

Installing Tripwire Server


Needs to be installed on console!


Pick install location with enough
space, especially if running database
on same server.

Installing Tripwire Server

Use name to be advertised (e.g. FQDN)

Installing Tripwire Server


Ports, pick and record choices

Installing Tripwire Server


Services pw
-

server/client interaction

Installing Tripwire Server


Wait a bit for service to initialize!


Access web console, e.g.


https://localhost:1443/

Installing Tripwire Server


First thing it wants is license cert!

Installing Tripwire Server


Follow license link, generate cert

Installing Tripwire Server


Change admin account password!


Store new admin account password


Add new admin user(s) for daily work

Tripwire Firewall changes


Open https port to all hosts you will
administrate from


Open Services port to all hosts that
will run the agent.

Tripwire information


3 PDF files included in server zip file,
also on class CD.


Mailing list?

Assignment, due July 12


Order Tripwire software by June 7


Install Tripwire software on a server


Think about: Why are you using
Tripwire? It will guide your decisions
on rules, nodes, users


How should you group your
nodes/systems?

Assignment, due July 12


Who should have access to Tripwire?


What kind of reports will be helpful?

July Training Schedule


July 12: adding and configuring a
node using the basic rule set


July 19: rules, tasks, and actions


July 26: reports, dashboard,
deployment steps

Q&A


Questions?

Contact Information


Vincent Fox
vfox@ucdavis.edu


Doreen Meyer
dimeyer@ucdavis.edu


Robert Ono,
raono@ucdavis.edu


software@ucdavis.edu


support@tripwire.com