Supported devices
Retrieving configuration files
Manufacturer | Type | Configuration files needed |
---|---|---|
Alcatel Lucent | Omniswitch | save [filename] |
Amazon Web Service | EC2 | aws ec2 describe-security-groups aws ec2 describe-instances |
Check Point | - | /etc/fw/conf/objects_5_0.C /etc/fw/conf/rulebases_5_0.fws |
Cisco | Firewall, Router, Switch | show running-config |
Enterasys | - | save config |
FreeBSD (PF) | - | ruleset: cat /etc/pf.conf interfaces: ifconfig -a |
Fortinet | - | show full-configuration |
IPTables | - | ruleset: iptables-save interfaces: cat /etc/network/interfaces |
Juniper | JunOS | show configuration |
NetScreen | get config all |
|
NetGear | Switch | CLI: show running-config all . Web UI: Maintenance > Download Configuration |
Palo Alto | - | Device > Setup > Operations > Export named config. snapshot For Panorama: see instructions below this table |
pfSense | - | Diagnostics > Backup & Restore > Download configuration as XML |
RuggedCom | ROS | config.csv |
ROX | admin > save-fullconfiguration. Choose format "cli" and indicate file name | |
SEL-3620 | - | From "Diagnostics", click on "Update Diagnostics" and copy the text |
Sonic Wall | - | "Export Settings, then Export (default file name: sonicwall.exp)" |
VMware | NSX | GET https://{nsxmgr-ip}/api/4.0/edges/ (XML format) Learn more about vCenter and VSX |
WatchGuard | - | Select Manage System > Import/Export Configuration |
Instructions for Panorama
- Follow the 4 steps of generating the tech support file from Panorama: https://live.paloaltonetworks.com/t5/Featured-Articles/How-to-generate-and-Upload-a-Tech-Support-File-Using-the-WebGUI/ta-p/60757
- Expand the tarball and look into the following location: opt/pancfg/mgmt/saved-configs/.merged-running-config.xml. It is a hidden (dot) file so it may not show up in your file explorer but you can find it via terminal or by changing the file explorer or finder settings
- Rename .merged-running-config.xml into merged-running-config.xml (remove the dot) and import the file into NP-View
Instructions for Check Point Multi Domain
The required files for NP-View {rulebases_5_0.fws,objects_5_0.C} can be found on the Checkpoint Multi-Domain management server.
Examples below using {{}}
indicate it is an example value which may need to be altered to match your environment.
The files required by NP-View on a Checkpoint Multi Domain environment can be found using the following command from advanced shell:
find $MDSDIR/customers/ | grep -E '/fw1/conf/(rulebases_5_0.fws|objects_5_0.C)'
/opt/CPmds-R80/customers/west-server/CPsuite-R80/fw1/conf/objects_5_0.C
/opt/CPmds-R80/customers/west-server/CPsuite-R80/fw1/conf/rulebases_5_0.fws
Each domain is a subdirectory under $MDSDIR/customers/
on the MDS management station.
Example procedure which can be used to export the required files: 1. Log into the MDS server in advanced shell 2. Execute the following command to create an archive of the required files for all domains on the MDS management station.
find $MDSDIR/customers/ | grep -E '/fw1/conf/(rulebases_5_0.fws|objects_5_0.C)' | xargs tar -zcvf /root/mds-`hostname`export-`date +%s`.tar.gz
mds-{{hostname}}-{{timestamp}}.tar.gz
scp mds-gw-{{hostname}}-{{timestamp}}.tar.gz {{server}}:/{{path}}/
netstat -rn > /root/`hostname`.txt
objects_5_0.C
, rulebases_5_0.fws
, and hostname.txt
(optional) into NP-View.
Upcoming parsers:
- Cisco FirePower: Added in July 2018
- Check Point R80: Added in July 2018
- Enterasys switches: Added in October 2018
- NetGear: Added in November 2018
- Extreme switches: Added in November 2018
- Check Point Multi Domain: Added in November 2018
- Amazon Web Service firewall (AWS): Added in November 2018
- Microsoft Azure firewall: 2019 Q1
- F5: early 2019
- Brocade: early 2019
- Dell: early 2019
- Barracuda: mid 2019
- 3com: mid 2019
Please contact the support team to discuss parser prioritization or if you need support for a device not yet listed.
Need help importing a configuration file?
Some configuration files may not be fully supported by the NP-View parser yet. Please refer to the table below to see which features are supported or still work in progress. To help us improve, please send us the debug logs from the Log tab in NP-View or contact us directly at support@network-perception.com. You can also share sample files securely through the Portal File Vault.
Additional supported files
Hostname
Once network device configuration files have been imported, one can also import a hostname file in order to add new hosts to the topology map. The hostname file is a simple text file with two colums: IP address and hostname separate by a tab.
Netstat
The output of the Netstat command on Windows and Linux can be saved to a text file and then imported into an existing project. Service information will be extracted from the Netstat output file and added to the host attribute. The flags to use for the Netstat command are:
- On Windows: netstat -abon
- On Linux: netstat -atunp
Nmap / Nexpose / Nessus
The output from network scanners can be imported into an existing project in order to add new hosts and port information to the topology map and host attributes. The supported scanners are currently Nmap, Nexpose, and Nessus. One should save their report using the XML format in order to import them into NP-View or NP-Live.
Supported features and work in progress
Core Features
Manufacturer | Type | Interfaces / Addr. | Services / Groups | Firewall Rules | Static Routes |
---|---|---|---|---|---|
Alcatel Lucent | Omniswitch | in progress | to do | ||
Check Point | - | N/A | |||
Cisco | Firewall, router, switch | ||||
FreeBSD / PF | - | in progress | |||
Fortinet | - | ||||
IPTables | - | N/A | |||
Juniper | JunOS | ||||
NetScreen | |||||
Palo Alto | - | ||||
pfSense | - | ||||
RuggedCom | ROS | N/A | |||
ROX | in progress | ||||
SEL-3620 | - | N/A | |||
Sonic Wall | - | in progress | |||
VMware | NSX | in progress | in progress | to do | |
WatchGuard | - |
Advanced Features
Manufacturer | Type | Zones | NAT | VPN | VLAN |
---|---|---|---|---|---|
Alcatel Lucent | Omniswitch | to do | to do | to do | to do |
Check Point | - | ||||
Cisco | Firewall, router, switch | ||||
FreeBSD / PF | - | N/A | in progress | in progress | |
Fortinet | - | ||||
IPTables | - | N/A | in progress | N/A | |
Juniper | JunOS | ||||
NetScreen | in progress | in progress | |||
Palo Alto | - | ||||
pfSense | - | N/A | in progress | in progress | in progress |
RuggedCom | ROS | N/A | N/A | N/A | in progress |
ROX | to do | to do | |||
SEL-3620 | - | N/A | in progress | N/A | |
Sonic Wall | - | to do | |||
VMware | NSX | in progress | to do | to do | in progress |
WatchGuard | - | N/A | to do | to do | to do |