IT Security News & Blog

Comparing Tripwire Enterprise and NNT Change Tracker

Posted: 13 July 2018

When it comes to FIM (File Integrity Monitoring) and secure configuration management. there are two main rivals, Tripwire Enterprise and NNT Change Tracker. Both have impressive existing customer rosters and reputations; are multi-million pound businesses and have an international presence.

In this blog we created a comparison of these two industry giants, to help you choose the right solution for your requirements.

 

Comparing Tripwire Enterprise and NNT Change Tracker

The comparison table below has been created based on information we could find online and our previous experiences using both solutions. While we have tried our best to ensure that the information is correct, there may be some omissions or errors.

We recommend that you evaluate both solutions and use the following comparison table as guidance.

  tripwire enterprise file integrity management NNT Change Tracker File Integrity Monitoring
File Integrity Monitoring    
Secure Configuration    
SIEM and Centralised Logging    
PCI-DSS Benchmarking Toolkit    
CIS Benchmarking Toolkit    
Certified ServiceNow Integration    
Ease of Set Up Multiple Weeks 1 Day
Agentless Option?    
Agent Type Java Based .NET Framework
Change Noise Assistance    
License Type Per Application Per Node / Endpoint
Management Console Included in Price    
Agents Included in Price    
Technical Support Locations US US and Europe
Customers in the Fortune 500    

 

Stand Out Differences

Two of the standout differences for us are:

  • The use of Java as in Tripwire Enterprise agents. This is a rather outdated approach to software creation and creates some security problems. Java and the Java Runtime Environment (JRE) is well known for its high frequency of updates to patch security flaws and vulnerabilities. Keeping the JRE up to date on all Tripwire monitored devices will be a task in itself.
  • NNT Change Tracker includes change noise reduction capabilities, known as F.A.S.T. One of the significant challenges with any file integrity monitoring solution is sifting through the deluge of change alerts, particularly when a server operating system is being updated. For example, Windows Update. NNT F.A.S.T is a cloud-based database containing billions of known changes which are used to subdue distracting change alerts.

Are you interested in reducing change noise? - Read our blog which explores how you can achieve this streamline your FIM solution.

 

Achieving PCI-DSS Accreditation with Just 10 Minutes Each Day

Topics: Change Control, NNT, File Integrity Management, Governance

Chris Payne

Written by Chris Payne

Managing Director - Advanced Cyber Solutions