Frequently Asked Questions

 

A single base license of Nipper gives you access to the Nipper software in order to run reports to audit device configurations. This will allow you to audit up to the number of devices agreed in your license i.e. up to 500 devices, giving you the flexibility to meet your needs now and in the future. The license can run for a single year or for multiple years. If you have a multiple year license, your device usage will be reset every 12 months from license creation date. The license is not limited to a specific user and will have an agreed level of support.

A device is an individual router, switch or firewall that Nipper will audit. If, for example, you have a management system that combines the configurations from five individual firewalls, that will constitute five devices. If you have a switch stack with a single configuration it will count as a single device.

Virtual devices are treated the same as physical devices. For example, a Palo Alto device with three different virtual devices on it will count as four different devices for configuration auditing.

See a full list of device vendors which Nipper currently integrates with us here:

View Supported Devices

Nipper has the option to activate a license offline (requiring a separate device to carry out an online check through our website). Nipper builds a virtual model of the device from configuration files either extracted manually or via a direct network link. This reduces traffic on your network to a minimum or eliminates the requirement altogether.

Nipper licenses include all updates and upgrades during the license subscription.

Resources within Nipper (ie. NVD CVE’s) are updated regularly and with each software release but can also be manually updated so that you can be certain the audit reports are as up-to-date as possible.

Access the guide to downloading Nipper:

Downloading Nipper v3.x

Installing and activating Nipper on multiple workstations allows users to access the license to audit devices across different teams, departments or locations.

Access the guide to installing Nipper:

Installing Nipper

Access the guide to updating Nipper:

How to update Nipper

Nipper (v3) has been built on a new platform to previous releases. The means that to upgrade to Nipper (v3) from an earlier version you will need to carry out a new installation of Nipper and add v3 license keys.

To do this please follow these instructions:

  1. Login to your customer account at https://account.titania.com/

  2. Select the downloads area of the customer account (see here for detailed guidance on Downloading Nipper v3.x)

  3. In the next screen, download Nipper (v3) for Windows.

  4. Go back to the menu area and select My licenses.

  5. On the next screen, make a note of your serial number and activation code for Nipper (v3). Please make sure that you have the correct version here.

  6. Install Nipper, following the instructions here: Installing Nipper

  7. To add the license details, follow the instructions here, using the serial number and activation code from step 5: Adding a license to Nipper

You do not need to uninstall Nipper, v2 to run v3.

If Nipperdoes not recognize an imported configuration then error code "Failed to detect device" occurs.

This means that Nipper has processed the configuration file but was unable to identify some configuration settings that it would expect to find for a specific type of device. This can indicate that the configuration may have been retrieved in an unexpected format. To retrieve the configuration in the expected format, instructions can be found in the Nipper documentation tab, or within the Nipper Software via Help & Information > How do I get the configuration from my network device? Or directly from the support documents part of our website, under Device Guides.

For example, when removing a version line from a configuration file that would usually contain version information this may occur. This feature helps to prevent situations such as processing a Juniper SRX configuration as a Cisco ASA device.

If you are sure that the configuration file is from the correct type of device, you could force Nipperto process it and ignore the fact that the usual settings were not present. This can be achieved using the force command line option when using the command line tool.

Although Nipper is capable of being operated offline, there are a number of functions that require network access. These functions are online update checking, downloading software updates and license activation.

This FAQ note is intended for those installations that are behind network filtering devices that restrict Internet bound network traffic. For Nipper the following access will be required in order to enable the online functionality:

Protocol: TCP
Destination: licensing.titania.com
Destination Port: 443 (HTTPS)

We recommend that your files and registry are backed up prior to any deletions.

  • Uninstall Nipper from Windows Control Panel

  • Navigate to your %AppData% folder

  • Delete AppData\Roaming\Titania

  • Delete AppData\Local\Titania

  • Delete AppData\Local\nipper-gui

  • Go into the registry (ie. via Regedit)

  • Delete Computer\HKEY_CURRENT_USER\Software\Titania

  • Delete Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Titania

  • Reboot the system to ensure that all application-related processes or lingering threads are fully terminated.

Nipper Heatmap Table

To remove the heatmap table, go to Nipper Settings > Reports > select the relevant report (e.g. Best Practice Security or PCI DSS 4.0 Assessment) and then uncheck ‘include Heatmap in Summary’ option.

  1. Expand the relevant finding with ‘Investigate’ status in the Report Browser (available at the right side of the report).
  2. Select the device under ‘Devices’ section and then click on ‘Status’ (just at the right bottom corner of Nipper application).
    investigate status
  3. Change the Status to ‘Pass’ or 'Fail' and then click ‘Ok’.

    settings
  4. Select ‘Yes’ for ‘Do you want to re-generate your report now?’.
    regenerate report prompt

Please contact customerservice@titania.com to regain your account access.

This portal is for Nipper customers only. All license holders are automatically invited to create a customer account, please check your inbox for messages from customerservice@titania.com to complete your registration.

If you are not the license holder, or your invite has expired, please use the form on the link below to request an account. Once submitted, verification can take up to 2 working days.

https://account.titania.com/request-access

If you face any issues, please contact customerservice@titania.com.

Please fill out the form at https://account.titania.com/request-access. If you face any issues, please contact customerservice@titania.com.

To generate a report for specific FTDs from the configuration you import to Nipper, please follow the below steps:

1. On your Nipper homepage, click on Settings.

2. Change the view from Standard to Advanced at the bottom of the Nipper software interface.

3. Now select Devices>Cisco Firepower via FMC.

4. Check the box for ‘Prompt for Device Selection’.

A screenshot showing Nipper

Import the configuration to Nipper and it should give you option to choose which FTD configurations you want to audit with Nipper.

A screenshot showing Nipper

 

Please note, this feature allows you to select FTDs within Nipper after importing the configuration. You may still not be able to export configurations for specific FTDs directly through the Firepower Management Center (FMC).

Each finding is identified and scored using the Nipper rating system.

There are 4 types of Nipper Ratings:

  • Impact Rating: Present the impact of the finding. The ratings are Critical, High, Medium, Low, and Informational.

  • Ease Rating: How easy it would be for an attacker to exploit. The ratings are Trivial, Easy, Moderate, Challenging.

  • Fix Rating: A guide to the effort required to resolve the finding. The ratings are Involved, Planned and Quick.

  • Overall Rating or Overall Risk: The Impact and Ease ratings are combined to determine the overall Nipper risk rating, using an internally defined table which generates a score. This score is then finally converted to the risk categorization, as follows:

    • 1, 2 - Informational

    • 3, 4 - Low

    • 5, 6 - Medium

    • 7, 8 - High

    • 9, 10 - Critical.

  1. On your Nipper homepage, go to Settings>Licensing.

  2. Set the Ask for Confirmation option to Always.

Screenshot of Nipper showing the licensing screen

Once you import any configuration to Nipper and proceed, you will see the number of devices that would be consumed as below:

Screenshot of Nipper showing License usage

  1. On your Nipper homepage, click on Licensing.

  2. Click on License information icon as shown below:

    Screenshot of Nipper showing the license information screen

  3. Click on Usage tab to see Used and Available device count in your active License. For example, in the below screenshot, we have consumed or audited 39 devices:

Screenshot of Nipper showing a chart highlighting license usage.

  1. Navigate to the Report Browser available on the right side of the report.

  2. Click on the specific finding to select it.

  3. Click on the Exclude option available at the end of the Report Browser.

  4. Choose the appropriate exclusion option from the menu.

  5. Click OK.

  6. Select Yes to regenerate the report.

A screenshot of the Report Browser in Nipper

1. Ensure device compatibility and supported versions

Before starting an audit, confirm that:

  1. The device is listed as a supported device here.

  2. Consult with Support regarding compatible OS and versions for the supported devices.

2. Keep Nipper updated

Regular updates introduce new device support, feature enhancements, and bug fixes. To ensure optimal performance:

  1. Always use the latest version of Nipper .

  2. Follow the How to update Nipper to upgrade to the latest release.

3. Export device configurations correctly

  1. Use the official Nipper device guides to export configurations in the correct format.

  2. Avoid manual modifications to prevent syntax errors or formatting issues.

  3. Ensure the file format is correct (e.g., .json for Checkpoint and Firepower, .xml for Palo Alto).

4. Do not modify the exported configuration

  1. Ensure that the exported configuration is not modified before importing to Nipper.

  2. Check for formatting inconsistencies that could cause parsing issues.

5. Verify device detection and version identification

Nipper auto-detects the audited device and version. To prevent false positives:

  1. Confirm that Nipper correctly identifies the device type and OS version.

  2. If detection is incorrect, ensure the configuration file has been exported in the right format. You may also manually select the correct device plugin if you think the file is correctly exported and has not tampered with.

6. Reach out to Support when needed

  1. Before contacting Support, check Nipper’s Known Issues for potential solutions.

  2. If an issue persists, contact Support with a sanitized configuration file for further analysis.

  3. Provide detailed error descriptions and screen shots to expedite troubleshooting.

Access the guide to the commonly known issues in Nipper and solutions/workarounds for each here: Nipper v3.x.x Known Issues