security.ucdavis.edu

  1. Tripwire Enterprise Server
     Network Nodes, Reports, and Dashboards
     Vincent Fox and Doreen Meyer
     UC Davis, Information and Educational Technology
     August 9, 2006
  2. Network Device Node
     • A network device node can be any router, switch, firewall, load balancer, or UNIX-compliant system
  3. Adding a Network Device Node
  4. Adding a Network Device Node
  5. Adding a Network Device Node
  6. Adding a Network Device Node
  7. Adding a Network Device Node
  8. Adding a Network Device Node
  9. Adding a Network Device Node
  10. “Network Device” Rules
     • See User Guide p. 79
     • Configuration File Rules – check ONLY config files of many common hardware devices.
     • COVR – Command Output Validation Rules. Useful to check any runtime aspect of a device.
     • Example: netstat -nr
  11. Demo
     • Vincent demo of network device rules applied against a NetScreen firewall and a UNIX system.
  12. Reports
     • Use reports to identify trends and problem areas.
  13. Report Manager
  14. Report Groups
  15. Report Group Permission
     • Any user can create a report.
     • System report group: check box
     • User report group: do not check box
     • System report group: user must have ‘Manage System Reports’ permission
  16. New Report
  17. Report Types
     • Change process compliance
     • Change rate
     • Change variance
     • Change window
     • Changed elements
     • Frequently changed nodes
     • Changes by node or group
     • Changes by severity
     • Detailed changes
     • Device inventory
     • Elements
     • Frequently changed elements
  18. Report Types
     • Last node check status
     • Missing elements
     • Monitoring policy
     • Nodes with changes
     • Reference node variance
     • System access control
     • System log
     • Unchanged elements
     • User rules
  19. Change Variance Report
  20. Report Criteria
     • Actions
     • Change types
     • Charts
     • Compare nodes
     • Current versions
     • Elements
     • Frequency
     • General
     • Links
     • Message
     • Message filter
     • Message filter
     • Node
     • Packages
     • Reference Node
     • Roles
     • Rules
     • Severity ratings
     • Sorting
     • Tasks
     • Time range
     • Users
     • User names
  21. Change Variance Criteria
  22. Change Variance Criteria
  23. Change Variance Criteria
  24. Change Variance Criteria
  25. Change Variance Criteria
  26. Changes by Severity
  27. Changes by Severity Criteria
  28. Creating a Report Task
  29. Creating a Report Task
  30. Creating a Report Task
  31. Creating a Report Task
  32. Dashboards
     • Use Dashboards to monitor reports.
  33. Creating a New Dashboard
  34. Creating a New Dashboard
  35. Creating a New Dashboard
  36. Creating a New Dashboard
  37. Questions
     • Questions
     • Ongoing discussion format
     • Evaluation
  38. Contacts
     • [email_address] - class mailing list
     • Vincent Fox - [email_address]
     • Doreen Meyer - [email_address]
     • Bob Ono - [email_address]
     • Paul Singh - pasingh@ucdavis.edu
     • Software - software@ucdavis.edu
