New Nipper Device Support
The latest release of Nipper includes support for FortiGate FortiOS 6 devices. This release includes:
• The ability to audit FortiOS 5.6, 6.0, 6.2 and 6.4 across Windows 10, CentOS 7 and Ubuntu 18.04
• The full support of FortiOS 6 features include:
o VLAN’s over VXLAN’s
o MAC VLAN’s
o Static Routes and VRF’s
o OSPF and VRF’s
o Virtual Wire Pairs
o Internet Services (Application Layer firewall features)
The existing plugin has been extended to support the newer device operating system version. As such, the accuracy and extent of coverage within the audit reports for these devices has been vastly improved.
FortiGate FortiOS 6 devices can be audited both remotely and locally via the use of manual configuration file(s) in much the same way as earlier FortiGate device operating system versions.
Nipper's internal device detection IP has been updated to handle FortiOS 6 devices without the need for a process change for our users.
The latest release also includes updates to the PSIRT plugin for auditing Cisco devices.
Other Improvements
Alongside the feature changes outlined above, this release includes many improvements across the software:
• Issue resolved where Nipper could produce a False Negative on a Cisco ASA device.
• Improved functionality when using the PSIRT Plugin in conjunction with the Audit Scheduling.
• Issue resolved when running IOS XE device with any other configuration file.
• Detail improvement - Nipper now shows correct CVE's for ASA OS 9.8(4)29.
• Sonicwall ACL now displays correctly within Raw Change Tracking.
• Nipper now detects Juniper SRX Security Policies.
• An issue with the Filtering Differences report when auditing FortiGate devices has been resolved.
• An issue identified with scanning extremely large configuration files has been resolved.
• A bug with Audit Scheduling schedule times has been fixed.
• A bug with the Audit Scheduling Daemon has been fixed.
• Device Coverage for the Vulnerability Audit has been extended.
• An issue causing a software crash with Cisco IOS XE devices has been resolved.
• An issue with logging setting access via the CLI has been resolved.