Presentation on theme: "Tripwire Enterprise Server Network Nodes, Reports, and Dashboards Vincent Fox and Doreen Meyer UC Davis, Information and Educational Technology August."— Presentation transcript:
Tripwire Enterprise Server Network Nodes, Reports, and Dashboards Vincent Fox and Doreen Meyer UC Davis, Information and Educational Technology August 9, 2006
Network Device Node A network device node can be any router, switch, firewall, load balancer, or unix-compliant system A network device node can be any router, switch, firewall, load balancer, or unix-compliant system
Adding a Network Device Node
Network Device Rules See User Guide p. 79 See User Guide p. 79 Configuration File Rules – check ONLY config files of many common hardware devices. Configuration File Rules – check ONLY config files of many common hardware devices. COVR – Command Output Validation Rules. Useful to check any runtime aspect of a device. COVR – Command Output Validation Rules. Useful to check any runtime aspect of a device. Example: netstat -nr
Demo Vincent demo of network device rules applied against a NetScreen firewall and a UNIX system. Vincent demo of network device rules applied against a NetScreen firewall and a UNIX system.
Reports Use reports to identify trends and problem areas.
Report Group Permission Any user can create a report. System report group: check box User report group: do not check box System report group: user must have Manage System Reports permission
Report Types Change process compliance Change process compliance Change rate Change rate Change variance Change variance Change window Change window Changed elements Changed elements Frequently changed nodes Frequently changed nodes Changes by node or group Changes by node or group Changes by severity Changes by severity Detailed changes Detailed changes Device inventory Device inventory Elements Elements Frequently changed elements Frequently changed elements
Report Types Last node check status Last node check status Missing elements Missing elements Monitoring policy Monitoring policy Nodes with changes Nodes with changes Reference node variance Reference node variance System access control System access control System log System log Unchanged elements Unchanged elements User rules User rules
Change Variance Report
Report Criteria Actions Actions Change types Change types Charts Charts Compare nodes Compare nodes Current versions Current versions Elements Elements Frequency Frequency General General Links Links Message Message Message filter Message filter Node Node Packages Packages Reference Node Reference Node Roles Roles Rules Rules Severity ratings Severity ratings Sorting Sorting Tasks Tasks Time range Time range Users Users User names User names
Change Variance Criteria
Changes by Severity
Changes by Severity Criteria
Creating a Report Task
Dashboards Use Dashboards to monitor reports.
Creating a New Dashboard
Questions Questions Questions Ongoing discussion format Ongoing discussion format Evaluation Evaluation
Contacts - class mailing list - class mailing list Vincent Fox - Vincent Fox - Doreen Meyer - Doreen Meyer - Bob Ono - Bob Ono - Paul Singh - Paul Singh - Software - Software -