7. Network Visualization

You are here:
< All Topics

Network visualization is one of the most powerful function of NP-View and NP-Live.  After the user creates a workspace and imports configuration files and supporting meta data, the visualization function process the information into a usable network diagram. From the network diagram, the user can rearrange the objects on the canvas by selecting and dragging a device to a new location.

Topology Network Map

Devices can be assigned a name (grey tag), a category (red or orange tag) and criticality (colored ring).

If a device has active alerts, the number of alerts is displayed in the top-right corner (red circle).

Multiple devices can be selected by holding the shift key down and assigned to a zone (yellow grouping).

Zones can be edited, color coded and deleted.

Additional topology features include expand / collapse a node, auto arrange peers in a circle, auto define all zones and pin / unpin a specific node.

 

 

 

 

When selecting a device, the device attributes will be displayed on the left device information menu.

Firewall Device Information

For Firewalls, the panel to the left will be displayed.

The user can rename the device, assign a category and a device criticality. Additional information includes being able to review multiple version of configuration files and compare them with the diff viewer.

A risk assessment grade is assigned for each firewall based on the number of open risks and warnings and their associated criticality.

The connectivity matrix shows all of the connections for the selected firewall and the IP rules for each connection.

Risks and Warnings shows the active risks, warnings and their criticality for the selected device.

Access Rules shows the rule table for the selected device with the ability to compare two sets of rules and display the differences.

Object groups shows the object groups for the selected device.

A summary of the number of routes and a table of the interfaces is also displayed.

Administrators and Standard Users can delete the device from the workspace.

 

 

 

Network & Gateway Information

For networks and gateways, the following is displayed:

The user can rename the device, assign a category and a device criticality.

Additional information includes being able to review IP address of the connected hosts.

Display inbound connectivity / outbound paths as well as displaying traces and stepping stone analysis.

Traces can be loaded from PCAP files, which are network data captures recorded by tools such as Wireshark or TCPDump.

Stepping stone analysis displays the number of hops between the selected system and its nearest neighbors.

The user can also search the config file for the device.

 

Host Information

And for hosts, the following is displayed

The user can rename the device, assign a category and a device criticality.

Display inbound / outbound connectivity paths as well as displaying traces and stepping stone analysis.

Display the services loaded from netstat files.

Display vulnerabilities loaded from Nmap, Nexpose, Nessus, and Qualys files.

The user can also search the config file for the device.

 

 

 

 

Main Menu Features

Several topology features are presented on the main menu available in the top-left corner.

  • Auto group – automatically creates a series of zones based on the connections in the workspace. Once enabled, zones need to be manually deleted if no longer wanted.
  • Custom Views – Two views are automatically created for each workspace.  default shows all of the devices in the workspace and birds eye view shows only the firewalls in the workspace.  Additional views can be created, edited and deleted by the user.
  • Highlight paths – Allows the user to view device / open port combinations on the topology map.
  • Export map – exports the topology map to PDF of Visio for record retention.
Table of Contents