Making CMMC compliance checks significantly easier with the new CMMC Module
CMMC
The latest release of Nipper expands and simplifies support for the CMMC (Cybersecurity Maturity Model Certification) framework.
A new dedicated CMMC Module provides evidence for 24 of the Level 1-3 CMMC practices for firewalls, switches and routers, automating the assessment of 18 and providing evidential information for 6 practices. The evidence/information is provided in a report format that meets Certified Assessor requirements.
Reports include:
- Introduction, explaining the CMMC domains and levels applicable to the report
- Findings overview
- Individual sections for each CMMC practice that Nipper has assessed, with information as to any issues found and any applicable evidence
- Exact technical fixes and remediation recommendations
The CMMC Module requires activation; if you would like to use this module please speak to your account manager or contact us.
Device Improvements.
Device improvements
Cisco IOS XR
The scope and accuracy of auditing Cisco IOS XR devices have been improved in the following areas of the device:
- Administration
- Banner Settings
- Border Gateway Protocol (BGP) Settings
- Filter Rules
- Network Time Protocol (NTP) Settings
- Open Shortest Path First (OSPF) Settings
- Simple Network Management Protocol (SNMP) Settings
General Fixes Nipper
Nipper 2.11.0 corrects the following bugs across the software:
Reporting
- The filtering differences report no longer fails during the report generation step when run with certain Cisco Router devices.
- JSON log output has been sanitised to prevent the inclusion of non-html markup in table data.
- Cisco ASA devices now correctly report as supporting outbound ACLs.
- SNMP within the Security Audit no longer generates a false positive for Cisco IOS 15.1 devices.
- No Session Timeout within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
- Syslog Logging Not Enabled within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
- Clear Text HTTP Service Enabled within the Security Audit no longer generates a false positive for Palo Alto Networks PanOS 9 devices.
- Weak Minimum Password Length within the Security Audit no longer generates a false positive for Cisco IOS 15 devices.
- Reporting on STP BPDU Guard no longer generates a false positive for Cisco Router devices.
- HTML reports generated via the Nipper CLI are no longer missing certain icons.
Juniper
- Certain Juniper SRX device configurations no longer crash when run in conjunction with the Security Audit report plugin.
- Juniper SRX devices running JunOS 12.4R2.7 now correctly display security policies in the Security Audit report plugin.
Fortigate
- Fortigate devices running FortiOS 6 are now correctly identified as such when adding manual configuration files prior to the report generation step.
Stability
- Improved the stability of Nipper installations on Windows systems by preventing a potential vulnerability surrounding the Windows registry.