Nipper InfraSight: compare tiers
Compare Nipper InfraSight tiers for point‑in‑time, configuration‑based assessments with deterministic findings you can defend. Choose the Essential tier for baseline hardening and vulnerability overlays, the Compliance tier for framework‑mapped audit evidence, or the Air Gapped tier for high‑assurance offline operation in restricted environments.
Nipper InfraSight (Essential)
Fast, point-in-time, agentless configuration audits with best-practice hardening, Cisco PSIRT / NIST NVD checks, and clear remediation guidance.
Best for:
Day‑to‑day hardening and vulnerability overlay reviews.
Features:
- Best practice & CIS Benchmark checks
- NIST NVD / Cisco PSIRT vulnerability overlays
- Filtering Complexity Reporting (firewall rule-base complexity)
- Actionable, device-specific remediation
- Human- and machine-readable outputs
- Windows & Ubuntu executable
Nipper InfraSight (Compliance)
Essential plus audit-aligned reporting mapped to frameworks like NIST and PCI DSS, with evidence-grade pass / fail outputs.
Best for:
Audit preparation and control-level evidence (NIST / PCI DSS / DISA STIG).
Includes Essential, plus:
- Compliance / benchmarking support: NIST SP 800-53/171, PCI DSS 4.0, CMMC, CIS, DISA STIG, and RMF mapping
- Pass / fail evidence per control
- Cisco Meraki, SD-WAN, WAPs
Nipper InfraSight (Air Gapped)
Built for high-assurance, fully offline operation in restricted networks where cloud-based analysis and live scanning are prohibited.
Best for:
Restricted networks requiring fully offline operation.
Includes Compliance, plus:
- Fully offline / isolated operation for air‑gapped and restricted networks
- Virtual device modelling from exported configuration files (no live probing)
- Agentless local execution (Windows or Ubuntu installer)
Choose the right Nipper InfraSight tier
All Nipper InfraSight tiers deliver point‑in‑time, configuration‑based findings with deterministic evidence. Use this guide to choose based on the outcome you need. Higher tiers also expand supported devices and output options.
Frequently asked questions
Find clear, practical answers on use cases, Essential vs Compliance tiers, air-gapped requirements, supported devices, and how Nipper InfraSight produces deterministic, configuration-based evidence you can defend.
-
Nipper InfraSight produces point-in-time, configuration-based findings for network devices such as routers, switches, and firewalls. It helps teams harden settings, produce defensible evidence for audits, and prioritize remediation using deterministic results mapped back to configuration.
-
Choose Nipper InfraSight (Essential) for fast device reviews, baseline hardening, and practical remediation guidance. Choose Nipper InfraSight (Compliance) when you must produce structured, framework-aligned reporting (for example NIST or PCI DSS) with evidence-grade pass / fail outputs and human- and machine-readable outputs for audit workflows.
-
Nipper InfraSight (Air Gapped) delivers the full capability set for environments that must remain fully offline – such as sovereign, classified, OT, or regulated networks. It is designed for high-assurance workflows where cloud-based analysis or active probing are restricted or prohibited.
-
Findings are derived directly from device configuration states and can be traced back to the settings, paths, and conditions that triggered them. This supports repeatable reviews, peer validation, and clearer narratives for audit preparation, risk assessments, and follow-up work.
-
Nipper InfraSight supports point-in-time assessments across common network infrastructure devices, including routers, switches, and firewalls. Higher tiers extend coverage and outputs, adding compliance framework mappings and device support such as Cisco Meraki, SD-WAN, and wireless access points, plus capability sets like STIG.