I am looking to see if anyone has any experience using Tripwire to monitor SecurID configurations for baseline purposes. Thanks in advance for any help.
I am looking to see if anyone has any experience using Tripwire to monitor SecurID configurations for baseline purposes. Thanks in advance for any help.
Hi Kevin,
I have moved this discussion to the RSA SecurID Access page so that you can get an answer to your question.
Thanks,
Jeff
Hello Kevin,
I never tried using Tripwire Enterprise 8.4 myself, but as per that datasheet for it, it can be used on both protocols Syslog and SNMP.
RSA Authentication Manager supports both Syslog and SNMP.
For Syslog you will be able to monitor all three activity monitors (Authentication, System and Administration), and the port is the normal port 514 UDP.
Below is the configuration of Syslog on Authentication Manager 8.1
1. In the Security Console, click Setup > System Settings.
2. Click Logging.
SNMP is a protocol used to manage systems on computer networks. It exposes management data in the form of variables, which an be queried by remote applications. These variables are read-only. RSA Authentication Manager does not support SNMP sets.
If you use a network management system (NMS) and SNMP, you can configure Authentication Manager to send data, called traps, to the NMS and to accept requests, called GETS, from the NMS. The NMS uses this data to compile statistics for Management Information Base (MIB) objects. You can use a MIB browser to view these statistics.
Authentication Manager supports SNMP v3.
Please check the following link for the SNMP reference guide RSA Authentication Manager 8.1 SP1 SNMP Reference Guide
Below is the configuration of SNMP on Authentication Manager 8.1
Procedure
1. In the Security Console of the primary instance, click Setup > System Settings.
2. Under Advanced Settings, click Network Monitoring (SNMP).
So kindly check and advise us back if there is any assistance needed from our side.
Best Regards,
Sorry for the confusion, I am specifically looking for integration with Tripwire's Compliance Configuration Manager, not the Network Monitoring component. In this case, either via agent or ssh login, configurations (ex. ports, services, software etc.) are gathered periodically and then comparisons are taken looking for changes to the configuration.
We are using Tripwire Enterprise 8.4 and want to monitor and baseline SecurID 8.1 (hardware appliances) to provide additional clarity.