Change management is quickly becoming a primary method used by businesses to meet regulatory and security needs. While the technology overlaps somewhat with physical and virtual security technologies, change management specifically allows security administrators to actively monitor changes to devices and detect if devices have been removed or installed without authorization, providing a powerful mechanism for detecting malicious software attacks and unauthorized modifications to network hardware. Change management also can provide an entry point for solution providers that want to offer physical security solutions.
One of the leading vendors in this market is Tripwire, which recently introduced the latest version of Tripwire Enterprise, now in version 5.0. The product can keep track of thousands of devices across large IT infrastructures. Tripwire Enterprise 5.0 can reconcile approved and intended changes to hardware settings using intelligent dashboards to show change, highlight security processes and ensure compliance. The technology also can increase network availability and reduce downtime.
Most larger businesses are fully aware of the importance of internal process control, management and monitoring, but it is often a complex process to manage. Tripwire Enterprise offers a single point of control for detecting, reconciling and reporting change activity across servers, desktops, network devices and a growing number of other infrastructure components. By detecting both automated and manual changes and verifying those changes against authorized activity, Tripwire Enterprise provides an independent control and audit trail across the enterprise. Since reporting is one of the main manifestations of change management as well as a necessary tool to prove compliance, CRN Test Center engineers took a hard look at Tripwire's reporting features and were not disappointed. The software offers both canned and customizable reports to cover nearly every aspect of a network. These reports are a great selling tool for solution providers looking to prove ROI and also demonstrate the tool's impressive security monitoring arsenal.
Installation of the product is straightforward. The software uses a client/server paradigm, and the main control console and database is installed on a server. The client software is pushed out to the appropriate devices. For devices that lack the ability to install the client-side software, Tripwire can use that device's integrated reporting capabilities to create triggers or informational events that are sent back to the management console.
Test Center engineers would like to see a lower-cost version of the product introduced specifically geared toward small businesses. Such a product would allow solution providers to offer legislative control for IT assets in smaller offices, in fields such as medical, legal or financial. In many cases, SMBs are at greater risk for attacks, data loss or hacking as a result of unauthorized access to a network, since most SMBs lack IT staff and proper security policies. Therefore, the SMB market could offer additional opportunity to solution providers.
Tripwire's channel program has two levels: Standard and Premier. Standard partners are only required to sign a distributor agreement, while Premier partners also must meet sales volume requirements and commit to ongoing sales, technical, program and product training. Standard partners receive product discounts, a listing in Tripwire's solution provider directory, access to a dedicated reseller Web site, marketing collateral and logos. Premier resellers receive these benefits as well as 24x7 technical support and demonstration copies of the software. TripWire did not disclose average reseller margins.