Making CMMC compliance checks significantly easier with the new CMMC Module
CMMC
The latest release of Nipper expands and simplifies support for the CMMC (Cybersecurity Maturity Model Certification) framework.
A new dedicated CMMC Module provides evidence for 24 of the Level 1-3 CMMC practices for firewalls, switches and routers, automating the assessment of 18 and providing evidential information for 6 practices. The evidence/information is provided in a report format that meets Certified Assessor requirements.
Reports include:
- Introduction, explaining the CMMC domains and levels applicable to the report
- Findings overview
- Individual sections for each CMMC practice that Nipper has assessed, with information as to any issues found and any applicable evidence
- Exact technical fixes and remediation recommendations
The CMMC Module requires activation; if you would like to use this module please speak to your account manager or contact us at enquiries@titania.com.
Device Improvements.
Device improvements
Cisco IOS XR
The scope and accuracy of auditing Cisco IOS XR devices have been improved in the following areas of the device:
- Administration
- Banner Settings
- Border Gateway Protocol (BGP) Settings
- Filter Rules
- Network Time Protocol (NTP) Settings
- Open Shortest Path First (OSPF) Settings
- Simple Network Management Protocol (SNMP) Settings
General Fixes Nipper
Nipper 2.11.0 corrects the following bugs across the software:
Reporting
- The filtering differences report no longer fails during the report generation step when run with certain Cisco Router devices.
- JSON log output has been sanitised to prevent the inclusion of non-html markup in table data.
- Cisco ASA devices now correctly report as supporting outbound ACLs.
- SNMP within the Security Audit no longer generates a false positive for Cisco IOS 15.1 devices.
- No Session Timeout within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
- Syslog Logging Not Enabled within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
- Clear Text HTTP Service Enabled within the Security Audit no longer generates a false positive for Palo Alto Networks PanOS 9 devices.
- Weak Minimum Password Length within the Security Audit no longer generates a false positive for Cisco IOS 15 devices.
- Reporting on STP BPDU Guard no longer generates a false positive for Cisco Router devices.
- HTML reports generated via the Nipper CLI are no longer missing certain icons.
Juniper
- Certain Juniper SRX device configurations no longer crash when run in conjunction with the Security Audit report plugin.
- Juniper SRX devices running JunOS 12.4R2.7 now correctly display security policies in the Security Audit report plugin.
Fortigate
- Fortigate devices running FortiOS 6 are now correctly identified as such when adding manual configuration files prior to the report generation step.
Stability
- Improved the stability of Nipper installations on Windows systems by preventing a potential vulnerability surrounding the Windows registry.