2. Connectors

You are here:
< All Topics

NP-Live includes NP-Connect, a utility to automatically retrieve network device configuration files on a schedule. The list of connectors that are currently included with NP-Connect is as follows:

Cloud Providers

For retrieving vlan and services configurations from cloud providers.

Manufacturer Type/Model Configuration Information Required
Amazon AWS AWS API Access Key, Secret Key and Region to monitor
Microsoft Azure Azure Tenant ID, Client ID, Client Secret, Subscription ID, and Resource Group Name

Configuration Managers

For retrieving config files from network management systems using read-only SSH. For each connector, the user can define the devices to be uploaded for monitoring.

Manufacturer Type/Model Configuration Information Required
Checkpoint R80 Hostname or IP address plus login credentials
Forescout Enterprise Manager Install of the NP-Live Plugin for ForeScout into your ForeScout Enterprise manager. See this document for details.
Fortinet FortiManager Hostname or IP address plus login credentials
Palo Alto Panorama Hostname or IP address plus login credentials
Somarwinds Network Configuration Manager Hostname or IP address plus login credentials
Tripwire Enterprise Manager Hostname or IP address and login credentials plus a tripwire policy rule to invoke.

Direct Device Connection

For retrieving config files directly from the device using read-only SSH.

Manufacturer Type/Model Configuration Information Required
Cisco Adaptive Security Appliance (ASA) Hostname or IP address plus login credentials, enabling password and optional context
Cisco Internetwork Operating System (IOS) Hostname or IP address plus login credentials, enabling password and optional context
Fortinet FortiGate Firewall and NGFW Hostname or IP address plus login credentials
Note: SCP should be enabled in the configuration (instructions)
Juniper JunOS Firewall Hostname or IP address plus login credentials
Palo Alto PAN-OS Hostname or IP address plus login credentials

Volume Shares

For retrieving config files that are uploaded to a common collection repository.

Platform Connection Configuration Information Required
Windows SMB Share (Samba) Hostname or IP address and folder path. Optionally a white list and black list can be defined. Optional. A PGP key can also be provided if the files retrieved have been encrypted.
Linux SSH Share Hostname or IP address and folder path. Optionally a white list and black list can be defined. Optional. A PGP key can also be provided if the files retrieved have been encrypted.

Additional Instructions

Service Account

The use of service accounts is a recommended best practice when connecting to devices through NP-Connect. When entering credentials related to an Active Directory domain, it is recommended to enter the username using the format account@domain.xyz instead of domain.xyz\account since the backslash can cause unexpected issues.

Samba

Network Perception suggests the following when setting up the SMB connection.

  1. Create a read-only user in Active Directory or on the SMB server.
  2. Share the SMB folder containing the Configuration files with the read-only user.
  3. Use the folder name at the end of the share in the field “Path on remote host” in NP-Connect.
Azure

The fields required for the Azure connector are:

  1. Tenant ID
  2. Client ID & Client Secret
  3. Subscription ID
  4. Resource Group Name
The services on Azure we currently support are:
  • Virtual Networks
  • Network Security Groups
  • Subnets
  • Storage Accounts
  • Network Interfaces
  • Virtual Machines
AWS

The fields required for the AWS connector can be found at:

  1. Access Key ID & Secret Access Key
If you have a system for which you need a connector or if you encounter a technical issue, please contact support@network-perception.com.

Table of Contents