NP-View has been designed to be simple and straightforward to use. The following workflow is our recommendation to review config files efficiently. This workflow can be used for a spot audit or can be followed periodically to maintain good ruleset hygiene.
- Step 1: collect config files. Review the table of supported devices to know which formats are supported and which commands to run on your devices.
- Step 2: import your config files. Check the list of risk alerts, warnings, and errors in the configuration assessment report. Review the logs in the log tab if warnings or errors occur.
- Step 3: create visual groups and mark criticality. Right-click on hosts and networks to set their criticality levels (untrusted, low, medium, high). Create visual groups by selecting multiple nodes that belong to the same trust domain and going to the Map toolbar > Create group.
- Step 4: review and justify your rules. Go to the Rule Audit tab and review each rules for possible misconfigurations or risk alerts.
- Step 5: run a path analysis. Launch a full or extended path analysis and review the resulting connectivity. Use filters to explore paths to/from high trust zones.
- Step 6: document your findings. Use the review forms at the bottom of the rule audit tab, the object group tab, and the path analysis tab in order to add comments and identify risks.
- Step 7: generate reports. Save a screenshot of the map and generate a project report. Export the rule audit table to Excel.