Skip to main content

2. Connectors

Created On
Last Updated On
byRobin Berthier
You are here:
< All Topics

NP-Live includes NP-Connect, a utility to automatically retrieve network device configuration files on a schedule. The list of connectors that are currently included with NP-Connect is as follows:

Cloud Providers

For retrieving vlan and services configurations from cloud providers.

Manufacturer Type/Model Configuration Information Required Connection Type
Amazon AWS AWS API Access Key, Secret Key and Region to monitor Boto3 (HTTPS + OAuth2)
Google Google Cloud Platform GCP ID, Service Account Credentials HTTPS + OAuth2
Microsoft Azure Azure Tenant ID, Client ID, Client Secret, Subscription ID, and Resource Group Name HTTPS

Configuration Managers

For retrieving config files from network management systems using read-only SSL. For each connector, the user can define the devices to be uploaded for monitoring.

Manufacturer Type/Model Configuration Information Required Connection Type
Check Point R80 Hostname or IP address plus login credentials
See device selection and service account sections below for additional information		 HTTPS + optional SSL server verification
Forescout Enterprise Manager Install of the NP-Live Plugin for ForeScout into your ForeScout Enterprise manager. See this document for details and the additional instructions section below. Java plugin
Fortinet FortiManager Hostname or IP address plus login credentials HTTPS + optional SSL server verification
Infoblox NetMRI Hostname or IP address plus login credentials HTTPS
Palo Alto Panorama Hostname or IP address plus login credentials
See device selection section below for additional information		 HTTPS
Solarwinds Network Configuration Manager Hostname or IP address plus login credentials HTTPS
Tripwire Enterprise Manager Hostname or IP address and login credentials plus a tripwire policy rule to invoke. HTTPS + optional SSL server verification

Direct Device Connection

For retrieving config files directly from the device using read-only SSL.

Manufacturer Type/Model Configuration Information Required Connection Type
Cisco Adaptive Security Appliance (ASA) Hostname or IP address plus login credentials, enabling password and optional context SSH
Cisco Internetwork Operating System (IOS) Hostname or IP address plus login credentials, enabling password and optional context SSH
Fortinet FortiGate Firewall and NGFW Hostname or IP address plus login credentials
Note: SCP should be enabled in the configuration (instructions)		 SSH
Juniper JunOS Firewall Hostname or IP address plus login credentials SSH
Palo Alto PAN-OS Hostname or IP address plus login credentials HTTPS

Volume Shares

For retrieving config files that are uploaded to a common collection repository.

Platform Connection Configuration Information Required Connection Type
Windows SMB Share (Samba) Hostname or IP address and folder path. Optionally a white list and black list can be defined. Optional. A PGP key can also be provided if the files retrieved have been encrypted. SMB/CIFS
Linux SSH Share Hostname or IP address and folder path. Optionally a white list and black list can be defined. Optional. A PGP key can also be provided if the files retrieved have been encrypted. SSH

Additional Instructions

AWS

The fields required for the AWS connector can be found at:

  1. Access Key ID & Secret Access Key
The services on AWS we currently support are:
  • Virtual Networks
  • Network Security Groups
  • Subnets
  • Network Interfaces
  • Virtual Machines (EC2)
Azure

The fields required for the Azure connector are:

  1. Tenant ID
  2. Client ID & Client Secret
  3. Subscription ID
  4. Resource Group Name
The services on Azure we currently support are:
  • Virtual Networks
  • Network Security Groups
  • Subnets
  • Storage Accounts
  • Network Interfaces
  • Virtual Machines
Device Selection
CheckPoint and Palo Alto network management systems provide files with multiple devices. The connectors for these systems allow for the selection of individual devices to load into NP-Live. The user can input the names of the devices, one per line, or select the “Retrieve device list” button to be provides a selection list.
Forescout
If Forescout is truncating the data imported into NP-Live, use the following command on Forescout to extend the size of the retrieved file:  fstool set_property fs.np.field.string.limit.def YYYY where YYYY represents the number of lines to import (e.g., fstool set_property fs.np.field.string.limit.def 25000)
Google Cloud Platform

The fields required for the GCP connector are:

  1. GCP ID
  2. Service Account Credentials
The services on GCP we currently support are:
  • Firewall rules (`gcloud compute firewall-rules list –format=json`)
  • Instances (`gcloud compute instances list –format=json`)
  • Subnets (`gcloud compute networks subnets list –format=json`)
  • Routes (`gcloud compute routes list –format=json`)
  • VPN Gateways (`gcloud compute vpn-gateways list –format=json`)
  • VPN Tunnels (`gcloud compute vpn-tunnels list –format=json`)
Samba

Network Perception suggests the following when setting up the SMB connection.

  1. Create a read-only user in Active Directory or on the SMB server.
  2. Share the SMB folder containing the Configuration files with the read-only user.
  3. Use the folder name at the end of the share in the field “Path on remote host” in NP-Connect.
Service Account

The use of service accounts is a recommended best practice when connecting to devices through NP-Connect. The service account can be read-only and must have API provileges.  When entering credentials related to an Active Directory domain, it is recommended to enter the username using the format account@domain.xyz instead of domain.xyz\account as the backslash can cause unexpected issues.

For R80, we recommend creating the service account in the SmartCenter (not Gaia) ensuring the account provides access to the Web API.

If you have a system for which you need a connector or if you encounter a technical issue, please contact support@network-perception.com.

Table of Contents
  • Product
    • Product Text

      Product Tour

      NP-View is the perfect solution to prepare for an audit: it works offline and runs on any desktop. NP-Live is the solution for businesses that require continuous network compliance monitoring.

    • Product TOI np-view

    • Product TOI np-live

  • Solutions
    • Solutions TOI NERC-CIP

    • Solutions TOI Security Assessment

    • Solutions TOI IEC-62443

    • Critical Asset Protection

    • Solutions text

      Solutions

      Learn how Network Perception software can support your compliance and security operations.

  • Resources
    • Resources text

      Resources

      Learn how to use Network Perception software through video tutorials and documentation. Explore the Knowledge Base for technical questions and advanced features.

    • Resource TOI Whitepapers

    • Resource TOI Knowledge Base

    • Resources TOI Tutorial Videos

  • Company
    • Company text

      Company

      Network Perception was founded in 2014 by a team of researchers and security experts. Learn more about our history and positions available.

    • Company TOI About

    • Company TOI Careers

    • Company TOI Contact

    • Company Partner Program

  • News & Updates
  • Customer Portal
  • Demo