Fortra's Tripwire Enterprise Reviews

My use case for Tripwire Enterprise is configuration monitoring and regulatory purposes for the NERC CIP standards. That's about fifty percent GRC and fifty percent security around the NERC CIP standards.

What's most valuable in Tripwire Enterprise is the ability to execute custom COCR rules that lets me fine-tune how I monitor Linux and Windows agents.

An area for improvement in Tripwire Enterprise is stability, as my company had stability issues with the last few versions of the solution.

Tripwire Enterprise has been a bit buggy and has some issues not made public, even when it is aware of the problems. When you open a support ticket, the team will respond that it's a known issue, just not documented. I then have to fix the problem, which I'm doing right now.

I have been using Tripwire Enterprise for about six years now.

Tripwire Enterprise has excellent scalability.

The technical support for Tripwire Enterprise is above average, so it's a seven out of ten. Support used to be excellent, but that's no longer the case after Fortra purchased Tripwire Enterprise. The purchase had some impact on the technical support.

Neutral

My company went with Tripwire Enterprise because it's standard for NERC CIP security.

I was not involved in setting up Tripwire Enterprise.

Tripwire Enterprise is worth the money within the ICS and NERC CIP space. It isn't easy to monitor industrial controls, yet the solution allows you to do that.

I have no information on Tripwire Enterprise pricing.

I'm using Tripwire Enterprise version 9.0.

In my company, thirty to forty people use Tripwire Enterprise, mainly different types of engineers, governance, risk, compliance, and cybersecurity personnel.

I advise people planning to use Tripwire Enterprise to take the training because the solution has a fairly complex interface. You can do a lot of work with it, but it isn't very easy. Tripwire Enterprise is a sophisticated tool.

I rate the tool an eight on a scale of one to ten because it does an excellent job of handling the unique challenges of maintaining NERC CIP compliance and monitoring industrial controls.

I primarily use the solution for many use cases. 

We've delivered many clients' compliance solutions. It's helped with suggesting compliance, including HIPAA, ISO, et cetera. It suggested what we need to do at the device level, whether endpoint or network.

It also helps manage and monitor changes, including unauthorized changes. 

The baseline features are great. You can map changes well. Even if you change a single word in Notepad, it will let you know whether it was added, removed, or modified. It will let you know exactly where something changed, what changed, and what it was changed to. 

The GUI is dated. It needs a refresh. 

A lot of network devices need a custom integration. It doesn't come with predefined tools or datasheets. We'd like the company to have predefined rules and policies. Right now, we need to customize randomly.

I've been using the solution for at least three years.

It'd rate the stability seven out of ten. I have noticed a few crashes.

The scalability is good. I'd rate it between seven or eight out of ten for extensibility.

I do have plans to increase usage. 

Technical support could be better.

Neutral

The initial setup was moderate. It's not too easy or hard. It depends on how we need to deploy and which features we want to leverage. For example, if we are using compliance, we have to do some high-level customizations. 

I have witnessed a substantial ROI.

I'm not sure of the exact prices since I have not used other solutions. I have nothing to compare it to.

I'm not sure which version I'm using. 

If you're planning t do network integrations, you must have knowledge of rules and policies and the core commands of devices. If you are configuring Cisco, you need to understand the product. You likely will have to understand it at a CLI level. 

I'd rate the solution seven out of ten. 

We use the solution for compliance purposes.

File monitoring is the most valuable feature of the solution.

The Windows online integration license needs to be improved.

I have been using the solution for two years.

The stability is good and it depends on the number of devices we need to monitor.

The solution is scalable.

The initial setup is not difficult. One person can deploy the solution.

I give the solution an eight out of ten.

The solution is a good product that helps with compliance and I recommend it.

We use Tripwire Enterprise for monitoring configurations on your devices.

The most valuable feature is integrity management. I had some discussions with service providers, and they also agreed.

Cloud monitoring could be better. It could be cheaper. It would also be better if the company followed a pay-as-you-use model.

Tripwire Enterprise is very stable. We haven't had any outages. 

Tripwire Enterprise is a scalable product. We have about 70 developers and mostly engineers working on this solution. 

I had some interactions with technical support when I was a product manager, and it was good.

Positive

You have to pay the licensing cost up front, so it's expensive. I would prefer it if the company followed a pay-as-you-use model. 

On a scale from one to ten, I would give Tripwire Enterprise a six. 

Banks have different compliance requirements, such as CIFs or NEFT, and they want to monitor everything at the OS, application, server, and virtualization level. They want to detect who has made the change, when did they make the change, and what is the root cause of those changes. We can monitor all this along with root causes with the Tripwire Premium solution. We are monitoring different files, folders, registries, applications, and servers. We are also implementing GuardianOS.

Its reporting features are great. It gives you an in-depth report. Its customization is also great, and it is working fine.

It needs more local support from the OEM side. It would be great if this can be improved.

I have been using this solution for one year.

It is stable.

It can be included in all sectors, but most of the time, it is introduced in enterprises.

Their technical support is nice. I am satisfied with them.

Its setup is straightforward. Its implementation doesn't take a long time. It depends on the size of the implementation and the knowledge of a user.

I would rate Tripwire Enterprise an eight out of ten.

The primary use case of this solution is for:

• Check File Integrity
• Check Databases Configuration Integrity, Network devices
  
• Monitor changes manually or in real time
• Validate legitimate changes
• Reverse unauthorized changes
• Test node compliance against standards( ISO 27001, PCI DSS, SWIFT...)
• Automatic and manual remediation
• Generate reports manually or automatically
• Send notification emails
• Send logs via Syslog protocol

The most valuable feature is the integrity. 

If the file configuration has been modified, this solution calculates a hash code of the file. This means that if someone has changed the file, the solution will recalculate the hash and the admin receive a notice that the file has been modified, by sending an email or an alert to the administrator that someone has modified, added or deleted a line.

Not just files, but others like tables metadata, network device config...

The main functionality is good, it's the best. Maybe they can add more functionality, for example, they can add a rollback feature so that if someone has changed the file, it will give you an old version of the file and integrate it directly into the system. This is done for network devices but not in other devices. It's a good functionality to have but it's not necessary because it is the work of the administrator, not the solution.

In the next release, I would like to see a guide for every solution to be implemented, bacause it takes some time to understand what files you need to check or what databases.

The solution works with other solutions but there is no guide to explain how to do so. but if you know what files must be monitore, then you can considere that the implemention is well done.

I have been using this solution for one year.

This is a stable solution.

This solution is scalable and it is easy to add users.

We deploy this solution to other organizations that range in size from small to medium and large companies.

We have contacted technical support in many cases and they are very good.

The last time that we contacted them was for an issue that we were having in deployment for the AIX systems. There are several errors when deploying this solution to AIX ystems, but with the help of support, it can be done.

It's easy to deploy this solution but to integrate the equipment for your use case is not that easy. It can be a bit difficult.

It can take three weeks to deploy this solution, but it depends on the environment and he amount of equipment.

You can have one or two people to deploy this solution and it can be as many as two for maintenance.

We have a team that can deploy this solution in other companies.

The licensing depends on type of the equipment, how many devices and the types of devices.    

When I first started working with Tripwire, I was only working on file integrity, but there are more functionalities for this solution that i can considure as the best like testing node compliance against standards, and rollback functionality for network devices, also there is an option that when you test your node compliance againt standards Tripwire give the ability to start automatic remediation for your system, or a guide to remediate and fix it manually.

I would rate this solution a nine out of ten.

Our primary use case for the Tripwire Enterprise solution is for vulnerability assessment.

It has improved our organization because we are now able to do vulnerability assessments for our customers.

We use Tripwire Enterprise as a tool to test the vulnerability of a network. That is the most valuable feature of the product for us.

The main way that it can be improved is through better reporting. 

As for additional features, the product that we purchased has almost all of the features that we or one of our clients would require.

The stability of Tripwire Enterprise has room for improvement, but it's about 75% what it should be already.

The scalability of Tripwire Enterprise is very good. We have a team of four people that do the assessment. They are security engineers. For deployment and maintenance, we only require one person.

Technical support is very good.

The initial setup is straightforward. Deployment took us about a week with training. The implementation strategy was to do the assessment for customers that we approached.

We are an integrator company. We integrate it ourselves.

It is very cost effective.

One of the features of this solution is that they have a fixed annual price license for a limited number of users.

We had about 18 products that we evaluated and ended up with this one.

I would recommend to anybody to try out Tripwire Enterprise. It's a very good solution for the cost. I would rate the product an 8 out of 10 points.

The solution is used for hardening and tracking changes. It can be used for file integrity monitoring and secure configuration management. Tripwire is a traditional SCM solution.

The product supports different platforms.

The solution has some limitations in OT, IoT, and AIX. The product must provide whitelisting services.

I have been using the solution for less than six months.

The tool is stable.

The tool is scalable. We might need more than one console.

The initial setup is complex. The time taken for deployment depends on a lot of things. The deployment might take some weeks. The tool can be deployed on the cloud and on-premises.

Tripwire is more expensive than Netwrix.

Netwrix Change Tracker has a modern architecture and better scalability. It provides easier administration.

Whether the solution suits a company depends on the company’s requirements. Overall, I rate the product a ten out of ten.