Making CMMC compliance checks significantly easier with the new CMMC Module

CMMC

The latest release of Nipper expands and simplifies support for the CMMC (Cybersecurity Maturity Model Certification) framework.

A new dedicated CMMC Module provides evidence for 24 of the Level 1-3 CMMC practices for firewalls, switches and routers, automating the assessment of 18 and providing evidential information for 6 practices. The evidence/information is provided in a report format that meets Certified Assessor requirements.

Reports include:

  • Introduction, explaining the CMMC domains and levels applicable to the report
  • Findings overview
  • Individual sections for each CMMC practice that Nipper has assessed, with information as to any issues found and any applicable evidence
  • Exact technical fixes and remediation recommendations

The CMMC Module requires activation; if you would like to use this module please speak to your account manager or contact us at enquiries@titania.com. Device Improvements.

Device improvements

Cisco IOS XR

The scope and accuracy of auditing Cisco IOS XR devices have been improved in the following areas of the device:

  • Administration
  • Banner Settings
  • Border Gateway Protocol (BGP) Settings
  • Filter Rules
  • Network Time Protocol (NTP) Settings
  • Open Shortest Path First (OSPF) Settings
  • Simple Network Management Protocol (SNMP) Settings

General Fixes Nipper

Nipper 2.11.0 corrects the following bugs across the software:

Reporting
  • The filtering differences report no longer fails during the report generation step when run with certain Cisco Router devices.
  • JSON log output has been sanitised to prevent the inclusion of non-html markup in table data.
  • Cisco ASA devices now correctly report as supporting outbound ACLs.
  • SNMP within the Security Audit no longer generates a false positive for Cisco IOS 15.1 devices.
  • No Session Timeout within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
  • Syslog Logging Not Enabled within the Security Audit no longer generates a false positive for Juniper JunOS 15 devices.
  • Clear Text HTTP Service Enabled within the Security Audit no longer generates a false positive for Palo Alto Networks PanOS 9 devices.
  • Weak Minimum Password Length within the Security Audit no longer generates a false positive for Cisco IOS 15 devices.
  • Reporting on STP BPDU Guard no longer generates a false positive for Cisco Router devices.
  • HTML reports generated via the Nipper CLI are no longer missing certain icons.
Juniper
  • Certain Juniper SRX device configurations no longer crash when run in conjunction with the Security Audit report plugin.
  • Juniper SRX devices running JunOS 12.4R2.7 now correctly display security policies in the Security Audit report plugin.
Fortigate
  • Fortigate devices running FortiOS 6 are now correctly identified as such when adding manual configuration files prior to the report generation step.
Stability
  • Improved the stability of Nipper installations on Windows systems by preventing a potential vulnerability surrounding the Windows registry.