Tripwire Releases Configuration Compliance Manager (CCM) Version 5.15
Sep 20, 2013 (Close-Up Media via COMTEX) --
Tripwire, Inc., a global provider of risk based security and compliance management solutions, announced Configuration Compliance Manager (CCM) Version 5.15.
In a release, the company noted that the new release audits patch management processes, is Security Content Automation Protocol (SCAP) version 1.2 compliant and validation ready, and adds a variety of new configuration auditing policies that extends network visibility.
Auditing the configurations and patch status of IT systems and monitoring changes in those configurations is a critical step in reducing security risk and achieving compliance. Tripwire Configuration Compliance Manager automates agentless configuration auditing, change monitoring and configuration compliance, providing a clear picture of system configurations and the impact of configuration changes on compliance with internal policies and a wide variety of external regulations.
"Tripwire is the only security configuration management company that can offer both agent-based and agentless capabilities," said Dwayne Melancon, chief technology officer for Tripwire. "With CCM 5.15, we're able to offer customers new solutions around auditing the patch deployment process, as well as scan for a much broader range policies and systems to provide rapid results, enable stronger accountability, and increase confidence in the security and stability of your IT infrastructure."
Patch deployment tools primarily check to determine if a patch has been installed and often fail to correlate patches that have been superseded. With CCM's new patch process auditing users can check to determine if Windows systems the reboot necessary before a patch is actually applied, not just installed, is pending. In addition, CCM is now able to calculate compliance percentages that include superseded patches.
Tripwire Configuration Compliance Manager includes a rich library of policies based on standards and benchmarks from NIST, CIS, DISA and Microsoft, as well as policies for specific regulations such as PCI, Sarbanes-Oxley, HIPAA, USGCB and NERC.
CCM version 5.15 adds a range of new policies including:
-DISA STIG Red Hat Enterprise Linux 6 V1R1
-CIS Cisco Firewall for ASA version 3
-CIS Solaris 10 Version 5.1.0
-COS Cisco IOS version 3.0.1
-CIS IBM DB2 version 2.1.0
-CIS VMware ESX Server 4 version 1.1.0
-CIS Juniper JUNOS 8/9/10
-CIS Windows 8
-CIS Windows Server 2012
-SOX Windows Server 2008
-CIS Solaris 11
-CIS IBM AIX 5.3-6.1
-CIS MS SQL Server 2008
-SOX Windows Server 2012
-SOX MSSQL 2008R2
-SOX VMWARE 4 v1.1.0
-SOX Windows 8
-SOX Juniper JUNOS
-SOX Solaris 11, AIX 5.3-6.1
Updated policies include:
-CIS RHEL5 Version 2.0.0
-CIS Windows 7 version 1.2.0
-CIS Windows Server 2009 version 1.2.0
-DISA STIG Windows Server 2003
-DISA STIG Windows Server 2008
-DISA STIG RHEL 5
-DISA STIG Solaris
-DISA STIG IIS7
-PCI/FIM policies for AIX, HP-UX, and Solaris
-SOX RHEL6 v1.1.0
-SOX RHEL5 v2.0.0
-SOX Solaris 10 v5.1.0
-SOX VMware ESX Server 3 v1.0.0
-SOX VMware ESX Server 3.5 v.1.2.0
Tripwire Configuration Compliance Manager utilizes a completely agentless architecture, requiring no software installation on monitored endpoints reduces deployment costs. Agentless configuration auditing is complementary to agent-base auditing because makes it possible to profile every device on the network.
Tripwire is a global provider of risk-based security and compliance management solutions, enabling enterprises, government agencies and service providers to effectively connect security to their business.
((Comments on this story may be sent to email@example.com))
[ InfoTech Spotlight's Homepage ]