Tripwire Enterprise Server Network Nodes, Reports, and Dashboards

1. Tripwire Enterprise Server Network Nodes, Reports, and Dashboards Vincent Fox and Doreen Meyer UC Davis, Information and Educational Technology August 9, 2006

2. Network Device Node • A network device node can be any router, switch, firewall, load balancer, or unix-compliant system

3. Adding a Network Device Node

4. Adding a Network Device Node

5. Adding a Network Device Node

6. Adding a Network Device Node

7. Adding a Network Device Node

8. Adding a Network Device Node

9. Adding a Network Device Node

10. “Network Device” Rules • See User Guide p. 79 • Configuration File Rules – check ONLY config files of many common hardware devices. • COVR – Command Output Validation Rules. Useful to check any runtime aspect of a device. Example: netstat -nr

11. Demo • Vincent demo of network device rules applied against a NetScreen firewall and a UNIX system.

12. Reports Use reports to identify trends and problem areas.

13. Report Manager

14. Report Groups

15. Report Group Permission • Any user can create a report. • System report group: check box • User report group: do not check box • System report group: user must have ‘Manage System Reports’ permission

16. New Report

17. Change process compliance Change rate Change variance Change window Changed elements Frequently changed nodes Changes by node or group Changes by severity Detailed changes Device inventory Elements Frequently changed elements Report Types

18. Last node check status Missing elements Monitoring policy Nodes with changes Reference node variance System access control System log Unchanged elements User rules Report Types

19. Change Variance Report

20. Actions Change types Charts Compare nodes Current versions Elements Frequency General Links Message Message filter Message filter Node Packages Reference Node Roles Rules Severity ratings Sorting Tasks Time range Users User names Report Criteria

21. Change Variance Criteria

22. Change Variance Criteria

23. Change Variance Criteria

24. Change Variance Criteria

25. Change Variance Criteria

26. Changes by Severity

27. Changes by Severity Criteria

28. Creating a Report Task

29. Creating a Report Task

30. Creating a Report Task

31. Creating a Report Task

32. Dashboards Use Dashboards to monitor reports.

33. Creating a New Dashboard

34. Creating a New Dashboard

35. Creating a New Dashboard

36. Creating a New Dashboard

37. Questions • Questions • Ongoing discussion format • Evaluation

38. Contacts • ucdtripwire@ucdavis.edu - class mailing list • Vincent Fox - vbfox@ucdavis.edu • Doreen Meyer - dimeyer@ucdavis.edu • Bob Ono - raono@ucdavis.edu • Paul Singh - pasingh@ucdavis.edu • Software - software@ucdavis.edu