Skip to content

Supported devices

Retrieving configuration files

Manufacturer Type Configuration files needed
Alcatel Lucent Omniswitch save [filename]
Amazon Web Service EC2 aws ec2 describe-security-groups
aws ec2 describe-instances
Check Point - /etc/fw/conf/objects_5_0.C
/etc/fw/conf/rulebases_5_0.fws
Cisco Firewall, Router, Switch show running-config
Enterasys - save config
FreeBSD (PF) - ruleset: cat /etc/pf.conf
interfaces: ifconfig -a
Fortinet - show full-configuration
IPTables - ruleset: iptables-save
interfaces: cat /etc/network/interfaces
Juniper JunOS show configuration
NetScreen get config all
NetGear Switch CLI: show running-config all. Web UI: Maintenance > Download Configuration
Palo Alto - Device > Setup > Operations > Export named config. snapshot
For Panorama: see instructions below this table
pfSense - Diagnostics > Backup & Restore > Download configuration as XML
RuggedCom ROS config.csv
ROX admin > save-fullconfiguration. Choose format "cli" and indicate file name
SEL-3620 - From "Diagnostics", click on "Update Diagnostics" and copy the text
Sonic Wall - "Export Settings, then Export (default file name: sonicwall.exp)"
VMware NSX GET https://{nsxmgr-ip}/api/4.0/edges/ (XML format)
Learn more about vCenter and VSX
WatchGuard - Select Manage System > Import/Export Configuration

Instructions for Panorama

  1. Follow the 4 steps of generating the tech support file from Panorama: https://live.paloaltonetworks.com/t5/Featured-Articles/How-to-generate-and-Upload-a-Tech-Support-File-Using-the-WebGUI/ta-p/60757
  2. Expand the tarball and look into the following location: opt/pancfg/mgmt/saved-configs/.merged-running-config.xml. It is a hidden (dot) file so it may not show up in your file explorer but you can find it via terminal or by changing the file explorer or finder settings
  3. Rename .merged-running-config.xml into merged-running-config.xml (remove the dot) and import the file into NP-View

Instructions for Check Point Multi Domain

The required files for NP-View {rulebases_5_0.fws,objects_5_0.C} can be found on the Checkpoint Multi-Domain management server.

Examples below using {{}} indicate it is an example value which may need to be altered to match your environment.

The files required by NP-View on a Checkpoint Multi Domain environment can be found using the following command from advanced shell:

find $MDSDIR/customers/  | grep -E '/fw1/conf/(rulebases_5_0.fws|objects_5_0.C)'
Example output:
/opt/CPmds-R80/customers/west-server/CPsuite-R80/fw1/conf/objects_5_0.C
/opt/CPmds-R80/customers/west-server/CPsuite-R80/fw1/conf/rulebases_5_0.fws

Each domain is a subdirectory under $MDSDIR/customers/ on the MDS management station.

Example procedure which can be used to export the required files: 1. Log into the MDS server in advanced shell 2. Execute the following command to create an archive of the required files for all domains on the MDS management station.

find $MDSDIR/customers/  | grep -E '/fw1/conf/(rulebases_5_0.fws|objects_5_0.C)' | xargs tar -zcvf /root/mds-`hostname`export-`date +%s`.tar.gz
3. Find the desired filename which will be named with the following pattern:
mds-{{hostname}}-{{timestamp}}.tar.gz
3. Copy the archive using desired transfer method such as scp
scp mds-gw-{{hostname}}-{{timestamp}}.tar.gz {{server}}:/{{path}}/
4. (Optional) From each checkpoint host extract firewall specific route information using netstat
 netstat -rn > /root/`hostname`.txt
5. Import the objects_5_0.C, rulebases_5_0.fws, and hostname.txt (optional) into NP-View.

Upcoming parsers:

  • Cisco FirePower: Added in July 2018
  • Check Point R80: Added in July 2018
  • Enterasys switches: Added in October 2018
  • NetGear: Added in November 2018
  • Extreme switches: Added in November 2018
  • Check Point Multi Domain: Added in November 2018
  • Amazon Web Service firewall (AWS): Added in November 2018
  • Microsoft Azure firewall: 2019 Q1
  • F5: early 2019
  • Brocade: early 2019
  • Dell: early 2019
  • Barracuda: mid 2019
  • 3com: mid 2019

Please contact the support team to discuss parser prioritization or if you need support for a device not yet listed.

Need help importing a configuration file?

Some configuration files may not be fully supported by the NP-View parser yet. Please refer to the table below to see which features are supported or still work in progress. To help us improve, please send us the debug logs from the Log tab in NP-View or contact us directly at support@network-perception.com. You can also share sample files securely through the Portal File Vault.

Additional supported files

Hostname

Once network device configuration files have been imported, one can also import a hostname file in order to add new hosts to the topology map. The hostname file is a simple text file with two colums: IP address and hostname separate by a tab.

Netstat

The output of the Netstat command on Windows and Linux can be saved to a text file and then imported into an existing project. Service information will be extracted from the Netstat output file and added to the host attribute. The flags to use for the Netstat command are:

  • On Windows: netstat -abon
  • On Linux: netstat -atunp

Nmap / Nexpose / Nessus

The output from network scanners can be imported into an existing project in order to add new hosts and port information to the topology map and host attributes. The supported scanners are currently Nmap, Nexpose, and Nessus. One should save their report using the XML format in order to import them into NP-View or NP-Live.

Supported features and work in progress

Core Features

Manufacturer Type Interfaces / Addr. Services / Groups Firewall Rules Static Routes
Alcatel Lucent Omniswitch ✅ in progress ✅ to do
Check Point - ✅ ✅ ✅ N/A
Cisco Firewall, router, switch ✅ ✅ ✅ ✅
FreeBSD / PF - ✅ ✅ ✅ in progress
Fortinet - ✅ ✅ ✅ ✅
IPTables - ✅ N/A ✅ ✅
Juniper JunOS ✅ ✅ ✅ ✅
NetScreen ✅ ✅ ✅ ✅
Palo Alto - ✅ ✅ ✅ ✅
pfSense - ✅ ✅ ✅ ✅
RuggedCom ROS ✅ ✅ N/A ✅
ROX ✅ in progress ✅ ✅
SEL-3620 - ✅ N/A ✅ ✅
Sonic Wall - ✅ ✅ ✅ in progress
VMware NSX ✅ in progress in progress to do
WatchGuard - ✅ ✅ ✅ ✅

Advanced Features

Manufacturer Type Zones NAT VPN VLAN
Alcatel Lucent Omniswitch to do to do to do to do
Check Point - ✅ ✅ ✅ ✅
Cisco Firewall, router, switch ✅ ✅ ✅ ✅
FreeBSD / PF - N/A in progress in progress ✅
Fortinet - ✅ ✅ ✅ ✅
IPTables - N/A in progress ✅ N/A
Juniper JunOS ✅ ✅ ✅ ✅
NetScreen ✅ in progress ✅ in progress
Palo Alto - ✅ ✅ ✅ ✅
pfSense - N/A in progress in progress in progress
RuggedCom ROS N/A N/A N/A in progress
ROX ✅ to do to do ✅
SEL-3620 - N/A in progress ✅ N/A
Sonic Wall - ✅ to do ✅ ✅
VMware NSX in progress to do to do in progress
WatchGuard - N/A to do to do to do