Welcome to the 1.2 release of Opinnate Network Security Policy Manager. This software is designed to make network security policy management effective and easy. In this document you will find what Opinnate NSPM is and what its key features and known issues are.
Opinnate NSPM is a network security policy management solution that addresses firewall rule analysis, hardening, reporting and automation needs in an easy manner. Opinnate offers policy management at different package levels: Lite, Standard and Enterprise. The Lite package is for firewall rule analysis; the Standard package also includes optimization features; and the Enterprise package has all the features, including automation.
The product is licensed on a subscription model, based on the number of firewalls used and the package level.
Key Features
Analysis of policies on firewalls: Firewall rule analysis of all firewalls under several different conditions. Some of the items in this analysis include:
- Viewing all policies from a single console
- Rule or path existence control
- Finding out unused rules
- Finding out expired rules
- Finding out disabled rules
- Finding out shadow rules
Rule hardening by cleaning and disabling: This is also called optimization of rules. These are some of the items that are done for optimization:
- Corporate policy check
- Disabling unused rules
- Disabling expired rules
- Cleaning disabled rules
- Disabling shadow rules
- Disabling duplicated rules
- Cleaning duplicated objects
Making policy changes automatically: Automating rule creation is an important need in policy management. These are some of the items handled by this automation:
- IPS or logging profile activation on a rule
- User Based Rule Creation
- IP Access Cloning
- IP address decommissioning
- Group-based policy change
Keeping firewalls compliant with standards: Firewalls are one of the most important control points for several regulations and standards, and they must be kept compliant with them. Here are a couple of things that are handled for this task:
- Making risk assessment on firewalls
- ISO27001 audit controls
- PCI audit controls
- NIST audit controls
Effective management: Managing policies effectively requires effective management features. These are some of the items provided to make management easier and more effective:
- Having virtualized multi-tenancy features
- Expired rule alerting to the owner
- Alerting on new rule creation
- Having executive dashboards
- Firewall specific network topology view
Known Issues and Limitations
Integration partners: Opinnate integrates with only the leading firewall vendors for now: Palo Alto, Fortinet, Checkpoint and Cisco.
Log collection: All syslog data is collected, but not all of it is stored in our system. We store only what is needed.
Unused Rules: Unused rules are found based on the Last Used data we collect from firewalls. If there is an issue with the generation of this data, unused rules cannot be identified. A ticket should be opened with the related firewall vendor if this is the case.
User-based rule creation: User-based rules can be created only for Fortinet firewalls for now.
SNMP usage on reporting: SNMP v3 usage can be successfully reported for all the firewalls except Cisco.
Clear text protocol usage on reporting: Clear-text protocol usage for admin access cannot be identified for Cisco and Checkpoint firewalls.
Getting Started
This product can only be used on a server with the mentioned Operating System and version:
Installation Steps
This is a summary of the installation steps for v1.2. Detailed installation steps can be found in the installation guide document.
- Docker Engine Installation: Docker Engine is to be installed on the system if it is not already installed.
- Docker Compose Installation: Docker Compose is to be installed if it is not already installed.
- Downloading files: A zip file containing all Docker image files, the compose file and the installation script file is downloaded.
- Running script: The system is installed using the script file.
Updates and Changes
These are the new features added in version 1.2.1.
- Environmental Setting (PCI-DSS Subnets and DNS Servers) added.
- Service Port and Service Protocol based filter options added in Rule Viewer.
- Check Point Inline Layer Rules View and Analysis added.
- FQDN-based rule creation added in ‘Add New Rule Path-Free’.
- ‘Clear Text Protocol Usage’ Report Subject added.
- ‘Perimeter Access Issue With Echo Services’ Report Subject added.
- ‘Software Version Status’ Report Subject added.
- ‘Non-complient Commented Rules’ Report Subject added.
- ‘Most Used Rules’ Report Subject added.
- ‘Least Used Rules’ Report Subject added.
- ‘Rules About to Expire’ Report Subject added.
- Object Viewer added in Analysis Section.
- Group Object Viewer added in Analysis Section.
- Disable Rule feature added in Rule Viewer.
- Enable Rule feature added in Rule Viewer.
- Delete Rule feature added in Rule Viewer.
- ‘Server Cloning Path-Free’ feature added in Automation Section.
Resolved Issues
| Bug ID | Issue Details |
| --- | --- |
| N-11101 | Radius Authentication Method is not working |
| N-11102 | IP Filter is not working in Rule Viewer when address objects have unsupported characters |
| N-11103 | Two criteria of Risky Filter are not working in Rule Viewer |
| N-11104 | Virtual Firewall Name Filter is not working in Rule Viewer |
| N-11105 | Logging Filter is not working in Rule Viewer |
| P-11101 | Cannot collect address information when there are more than 500 address objects |
| P-11102 | Cannot create schedule object because of character length limitation |
| N-11106 | Cannot continue to progress on tasks list after adding a rule |
| N-11107 | Some Filter options are not working in Tasks List |
Support
If you encounter any issues while using Opinnate NSPM, please contact our support team at [email protected].
Thank you for choosing Opinnate! We hope you enjoy using it.