SOURCE: Tripwire, Inc.

September 16, 2008 09:30 ET

Tripwire Revolutionizes Virtual Datacenter Compliance With Single Point of Control for Security & Configuration Standards

Tripwire Enterprise 7.5V Provides Visibility and Configuration Control, Helping Customers Mitigate Virtual Sprawl, Security Threats Stemming From Misconfiguration

LAS VEGAS, NV--(Marketwire - September 16, 2008) - Today at VMworld in Las Vegas, Tripwire, Inc., the recognized leader in configuration assessment and auditing for virtual and physical IT infrastructure, announced the newest version of its flagship product, Tripwire® Enterprise 7.5V. Designed explicitly to give visibility into the security and compliance of virtual IT systems, the latest version of Tripwire Enterprise allows IT to manage systems to internal and external policies -- across the heterogeneous data center -- from a single point of control.

The constantly growing number of mission-critical applications running in virtual environments necessitates proper configuration for security, compliance and optimal performance. Tripwire Enterprise 7.5V helps IT maintain this ideal state with capabilities that:

--  Identify and mitigate virtual sprawl.  With Tripwire Enterprise 7.5V,
    enterprises have an early warning system to potential virtual sprawl, with
    alerts when virtual infrastructure is added or deleted, to take appropriate
    action and contain unauthorized virtual machine provisioning, automatic
    monitoring of enabled virtual infrastructure, and auto discovery of
    unmonitored virtual objects.
--  Deep integration with VMware vCenter products that allows Tripwire
    Enterprise to automatically discover all elements within the virtual
    environment. Now users will know which elements in their virtual
    infrastructure are assessed for configuration integrity -- and which are
    not. With this latest version, Tripwire users have the ability to monitor
    VMware ESX 3.0, 3.5, and 3i hypervisors; virtual switches; virtual machine
    containers; and virtual machine workloads.
--  New configuration assessment policies designed specifically to assess
    and validate configurations within VMware virtualized environments,
    including VMware ESX DISA STIG; the VMware ESX 3.5 Hardening Guide V2; CIS;
    and PCI. With these policies, enterprises have a view into all
    configuration settings and changes of virtual infrastructure objects,
    providing complete control for security, regulatory compliance, and optimal
    operational performance. In addition, users can also create their own best
    practice policies for their virtual environment through Tripwire
    Enterprise. Tripwire integration with VMware vCenter products provides
    virtualization customers with easy access to hardening guidelines.
--  Continuous control of virtual infrastructure objects. Tripwire
    Enterprise builds on its flagship heritage, automatically detecting
    unauthorized, non-compliant change to virtual infrastructure objects,
    immediately alerting IT staff to exceptions to change and configuration
    management policies for immediate investigation.
--  Remediation Advice for every change that violates a policy. Tripwire
    provides detailed remediation guidance, allowing enterprises to quickly
    return any system to a known, compliant state. This approach enables IT
    staff to better manage risk by providing continuous, automated compliance
    across heterogeneous environments.

In a recent survey, "Is Virtualization Under Control?" conducted by Tripwire, more than 90 percent of those interviewed said that virtualized servers are now deployed in their production environments and run a wide variety of applications. And, three out of four said that up to half of their production servers are now virtualized. This has made security and compliance particularly important for enterprises deploying virtualization in production environments.

"Most security vulnerabilities in the virtual world will be introduced through misconfiguration and mismanagement of the technology," says Gartner Vice President and Fellow, Neil MacDonald. "While existing tools may be used to assess the proper configuration of virtualized workloads, in many cases these don't work to assess the proper configuration of the virtualization layer itself. Ideally, a single, consistent process and tool would be used to assess the proper configuration of both physical and virtual workloads, including the virtualization layer."

"VMware and Tripwire are committed to helping customers proactively ensure security and compliance across virtual and physical infrastructure through automation and enhanced manageability," said Shekar Ayyar, vice president of infrastructure alliances at VMware. "Tripwire Enterprise 7.5V provides critical insight that complements the industry-leading VMware platform, providing essential configuration control to help ensure that security and compliance policies can be enforced." Tripwire and VMware are extending their leadership around compliance from the Datacenter the Desktop to proactively provide solutions that help customers maintain control and adhere to Business, Security, and Regulatory directives.

"IT environments are heterogeneous by nature. While many organizations are exploiting the benefits of virtualization, they want a single point of control for managing configuration integrity across the organization," said Dan Schoenbaum, SVP of Corporate and Business Development for Tripwire. "As the backbone of business increases in complexity through technology such as virtualization, we're seeing visibility, embedded expertise, and automation grow in importance. That's why, with the deepest configuration knowledge in the industry, Tripwire is well positioned to provide a holistic solution for ensuring configuration control within the virtual infrastructure and beyond."

Visit Tripwire at VMworld 2008, Las Vegas, September 15-18, 2008, during exhibition hours at the Tripwire Booth #1147.

Tripwire Enterprise 7.5V new features are available only through the purchase of the Tripwire Enterprise for VMware ESX Server node. Tripwire Enterprise 7.5V will be available October 2008 at

About Tripwire, Inc.

Tripwire helps over 6,000 enterprises worldwide reduce security risk, attain compliance and increase operational efficiency throughout their virtual and physical environments. Using Tripwire's industry-leading configuration assessment and change auditing solutions, organizations successfully achieve and maintain IT configuration control. Tripwire is headquartered in Portland, Ore. with offices worldwide.

©2007, Tripwire, Inc. Tripwire is a registered trademark of Tripwire, Inc. All other marks are property of their respective owners. All rights reserved.

Contact Information