A firewall device can have numerous rules/access lists defined to secure the network from external attacks. Of the configured rules/access lists, some are used most often, while others are rarely or never used. Firewall Analyzer captures the most used rules in the Top Used Rules view, because they appear in the logs generated by the firewall. To get the Unused Rules, however, Firewall Analyzer must be configured to fetch the complete rule set from the device. Once Firewall Analyzer has fetched the complete set of rules configured in the firewall, it can provide the Unused Rules view.
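The reasoning above (logs reveal only the rules that matched traffic, so unused rules can only be found by comparing against the complete fetched rule set) is illustrated by the following added example, which is not Firewall Analyzer's own code. The rule names, the `rule=` log field and the log format are constructed assumptions, not a real vendor format.

```python
import re
from collections import Counter

# Constructed sample: the complete rule set as fetched from the device.
CONFIGURED_RULES = ["allow-web", "allow-dns", "allow-legacy-ftp", "deny-all"]

# Constructed sample: traffic logs in a made-up key=value format.
LOG_LINES = [
    "2024-05-01T10:00:01 action=allow rule=allow-web src=10.0.0.5 dport=443",
    "2024-05-01T10:00:02 action=allow rule=allow-dns src=10.0.0.5 dport=53",
    "2024-05-01T10:00:03 action=allow rule=allow-web src=10.0.0.7 dport=443",
    "2024-05-01T10:00:04 action=deny rule=deny-all src=198.51.100.9 dport=23",
    "2024-05-01T10:00:05 event=config-saved user=admin",  # no rule field
    "2024-05-01T10:00:06 action=allow rule=allow-web src=10.0.0.8 dport=80",
    "2024-05-01T10:00:07 action=allow rule=allow-dns src=10.0.0.8 dport=53",
    "2024-05-01T10:00:08 action=allow rule=old-temp-rule src=10.0.0.9 dport=22",
]

RULE_FIELD = re.compile(r"\brule=(\S+)")


def rule_usage(configured, log_lines):
    """Return (top_used, unused, unknown) for a rule set and its logs.

    top_used: (rule, hits) pairs for configured rules, most hits first.
    unused:   configured rules that never appear in the logs.
    unknown:  rules seen in logs but absent from the fetched rule set
              (for example, a rule deleted after the traffic was logged).
    """
    hits = Counter()
    for line in log_lines:
        match = RULE_FIELD.search(line)
        if match:  # lines without a rule field are not traffic hits
            hits[match.group(1)] += 1

    configured_set = set(configured)
    top_used = [(r, n) for r, n in hits.most_common() if r in configured_set]
    # Logs alone cannot produce this list: it needs the complete rule set.
    unused = [r for r in configured if r not in hits]
    unknown = sorted(set(hits) - configured_set)
    return top_used, unused, unknown


if __name__ == "__main__":
    top, unused, unknown = rule_usage(CONFIGURED_RULES, LOG_LINES)
    print("Top used:", top)
    print("Unused:", unused)
    print("In logs but not in fetched config:", unknown)
```

Without `CONFIGURED_RULES`, the same logs would still yield the top used list but could never show that `allow-legacy-ftp` is unused.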
Credential Profile
At the top, there are buttons provided to add device credential profiles to fetch rules and to delete the device info. The links are:
After creating and saving the Device Profile values through the Firewall Analyzer GUI, the profiles, along with the edit option and the option to view/associate a profile with devices to fetch rules, are listed in the Credential Profile table. The details of the columns of the Credential Profile table are:
To delete a Device Profile from the Device Profile Details table, select the check boxes of the respective Device Profile entries and click the Delete Profile icon.
Click the Add button to create device credential profiles to fetch the rules information from a set of common devices. The Add Profile screen pops up.
You can configure individual device credentials to fetch the rules from a device, or you can create a common device credential profile that can be used for a group of devices to fetch rules.
Primary Info
| Device Info | Description |
|---|---|
| Login Name | While establishing connection with a device, if the device asks for a Login Name, set a value for this parameter. This parameter is Optional. |
| Password | To set the Password for accessing the device. |
| Admin Privilege | Whether administrator privilege is required for device access. Select Yes or No |
| Banner Prompt | The prompt that appears for the banner |
| Banner Input | The banner message |
| Prompt | The prompt that appears after successful login. |
| Enable Command | The command to fetch the rule and configurations |
| Enable UserName | When entering into privileged mode, some devices require UserName to be entered. Provide the username if prompted; otherwise leave this field empty. |
| Enable Password | This is for entering into privileged mode to perform configuration operations like backup/upload. This parameter is mandatory. |
| Enable Prompt | This is the prompt that will appear after going into enable mode. |

Note: Both Primary and Secondary credentials (Login Name and Password) of the Firewalls are encrypted and stored in the Firewall Analyzer.
Secondary Info
Click the Secondary Info link to view/enter values for these parameters. All the parameters are assigned standard values by default, and these values are already filled in. Most devices work well with these values, and you need not edit them unless you want to provide a different set of details.
| Device Info | Description |
|---|---|
| Port (Telnet/SSH) | Port number of Telnet/SSH - 23 (for Telnet) and 22 (for SSH) by default. |
| Login Prompt | The text/symbol that appears on the console to get the typed login name is referred to as the login prompt. For example, Login: |
| Password Prompt | The text displayed on the console when asking for password. For example, Password: |
| Enable User Prompt | The text displayed on the console when asking for Enable UserName. For example, UserName: |
| Enable Password Prompt | The text displayed on the console when asking for password. For example, Password: |
| Command | The command to be executed to fetch the Firewall rules is displayed in the Command field. |
Click the Assign Profile button to associate devices to device profiles to fetch the rules information from the devices. The Associate Profiles to Devices screen opens up.
Note: In the Fetch Rules from the device section, if the following message appears: 'Unable to generate compliance report. Reason: Failed to locate Nipper. Click here to enable it', carry out the procedure given at the end of the document.
After associating the devices to Device Profiles, the profiles and the associated devices are listed in the Device Profile Details table.
Note: Getting Rules/Configuration Information from the individual virtual Firewalls (virtual domain): If you want to fetch the rules/configurations from the individual virtual Firewalls (virtual domain) separately, select the option 'Display Virtual Domains in the below resources list.' in the Associate Profiles to Devices page. It lists both the virtual Firewalls (virtual domain) and the physical devices in the Select Device drop down list.
Note: Troubleshooting: If the following message appears in the Compliance Reports field, enable Nipper. 'Unable to generate compliance report. Reason: failed to locate nipper. Click here to enable it'
In the Compliance Report field, the following message appears: 'Unable to generate compliance report. Reason: Failed to locate Nipper. Click here to enable it'. What should I do?
Supported Platform:
Prerequisite:
The GNU/Linux platform requires Qt 4.5 to be installed. Your package manager system should automatically install this for you.
Steps:
After performing the above steps, go to Setting > Device Profile > Add; the option to generate the compliance report for the device will be enabled.