Re: nipper studio experiences?

[Shawn Summers <SSummers () jackhenry com>]

Very good experience with the tool, features and usefulness have greatly increased in recent months.  They support 
current versions of many common vendors' devices, well publicized list on their website 
(https://www.titania.com/nipperstudio/networkdevices).  Very easy to use- you feed it raw config files and it parses 
them line-by-line, then generates reports on findings.  Default best practices baseline is pretty good, and you can 
customize policies to include or exclude particular checks globally, or for certain device types, etc.  Also supports 
using CVSS for the measuring stick.  It can also compare current config/report to previously saved results.  Several 
report types are available from text, html, pdf, xml, to a few different choices of .csv reports.  Some of the recent 
feature additions I haven't yet had much chance to play with include software bulletin/vulnerability applicability 
reports, SANS baseline/best practice policies, and PCI report generation.

I have only one complaint from years of use.  One of the .csv reports has some formatting problems, so it isn't 
reliable to feed into any other tools or automated processing.  Since the finding data verbiage is constant throughout 
reports, I've been able to manually workaround this with some masterful copy & paste skills.

It is a client application that runs on your everyday laptop/desktop, you point it to saved config files; it does not 
"live" anywhere in your infrastructure as an appliance or bump on the wire.  It does not assume or try to induce any 
context between or amongst the devices - it simply parses them line by line and evaluates the config for best 
practices.  It does not have any mapping functionality; doesn't generate diagrams, cannot be fed any diagrams.

In summary, I have found it a very effective and valuable tool for a reasonable price, and it has been greatly improved 
since going commercial.  I highly recommend it.

ss

From: firewall-wizards-bounces () listserv icsalabs com [mailto:firewall-wizards-bounces () listserv icsalabs com] On 
Behalf Of Darden, Patrick
Sent: Monday, July 14, 2014 12:50 PM
To: Firewall Wizards Security Mailing List (firewall-wizards () listserv cybertrust com)
Subject: [fw-wiz] nipper studio experiences?


http://www.titania.com/nipperstudio

Our audit folks are talking about this.  Anyone have any experience with it-good or bad?  Is it effective?  I am 
guessing it is an expert system that simply looks for certain conf details or juxtapositions?  Does it do it between 
devices?  Do you have to feed it a network map?  Does it take a lot of hand-holding, configuration, setup?

Thanks,
--p
NOTICE: This electronic mail message and any files transmitted with it are intended
exclusively for the individual or entity to which it is addressed. The message, 
together with any attachment, may contain confidential and/or privileged information.
Any unauthorized review, use, printing, saving, copying, disclosure or distribution 
is strictly prohibited. If you have received this message in error, please 
immediately advise the sender by reply email and delete all copies.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards