Getting Started with Tripwire Anyware SCM
Tripwire Anyware SCM is the software configuration management module of Tripwire.io, the Tripwire SaaS platform. With Tripwire Anyware SCM, you can:
- check your Linux and Windows assets against the latest CIS benchmarks
- quickly identify compliance issues and areas of concern
- get targeted remediation information
Step 1: Install Agents
Tripwire Anyware SCM uses Tripwire's Axon Agent software to monitor and manage assets. You install the Agent software on each asset to be monitored.
An Agent scans the asset where it is installed once a day, using an appropriate CIS policy for its operating system. In addition, the Agent scans the asset each time that policy is updated.
To install an Agent
- Navigate to Environment > Agents.
- Click Download Agent.
- Click the download link for the type of Agent you want to install.
Note:
It may take up to a minute to generate the Agent installer.
-
Install the Agent on the system you want to monitor.
For Windows systems:
-
Log in with Administrator privileges.
-
Extract the zip file.
-
Double-click the installer file axon-agent.msi.
-
To verify that the installation succeeded, check the Services list (Control Panel > Administrative Tools > View local services) to verify that the Tripwire Axon service is running.
Note:
To install the Agent on other Windows systems, copy the entire zip file (not just the .msi file) to the new system, unzip and install.
For Linux systems:
-
Log in to the system as root (or use sudo to obtain root privileges).
-
At a command prompt, expand the zip file:
unzip scm-linux-install-bundle.zip
-
Run the following command to install the Agent:
./axon-agent/axon-agent.bin
Note that the script above will also start the Axon Agent service.
-
Run the following command to confirm that the installation succeeded:
service tripwire-axon status
Note:
The how-to-install.txt file in the zip has other installation options and related information.
-
After the installation is complete:
- the asset will appear on both the Environment > Assets and Environment > Agents pages.
- the Agent will automatically scan the asset where it is installed.
Step 2: Review Scan Results
Agent scan results are shown on the Configuration Management dashboard.
-
Navigate to Servers > Configuration Management.
The chart and table on the left show the current compliance status of your assets. By default, they show the status of all assets, but you can filter the results by asset or policy.
The Issues section is a prioritized list of issues to be resolved, scoped to the current assets and/or policies. By resolving these issues, you can improve your overall compliance score.
-
Click through the table to identify an issue that interests you, or use the filters to target a specific policy section. Notice how the Issues section changes as you change the view.
Step 3: Start Fixing Things
Tripwire Anyware SCM provides manual remediation instructions for detected Issues, and can also remediate many Issues automatically.
-
Click the Filter icon in the Issues section and select Fix Now Available.
This filters the list to Issues that support automated remediation.
-
Click the top Issue link to see more details.
Each Issue includes details about the test, its current status, and the most recent time it was detected by a scan.
-
Expand the Fix Now and Manual Remediation sections to see the available remediation options.
To automatically resolve the Issue, click Run Fix Now.
To manually resolve the Issue, follow the provided steps.
The next time a scan runs on the asset, the Issue's status will be updated automatically.
Next Steps
- Install Agents on other assets you want to monitor.
- Repeat the process above to improve the security of your assets.