v3.5.0

New Features

• Cisco ASA CIS Benchmarks
  The CIS Benchmarks are community-developed secure configuration recommendations for hardening organizations’ technologies against cyber attacks. 
  Support has been added to Nipper v3.5.0 for Cisco ASA CIS Benchmarks, allowing customers to generate detailed CIS Benchmark reports for their Cisco ASA device.

• Extended device support within Nipper to allow greater breadth of reporting across top devices. Nipper v3.5.0 is now able to support auditing for the following devices:

  • Arista EOS
  • Aruba Switch
  • Brocade IronWare, FastIron and ICX
  • Extreme XOS Summit and X-Series

   

Continual Improvements

• Resolved a number of incorrect findings reported in the following reports:

  • NVD report for Cisco ASA

    v9.18(4)8

    • Nipper incorrectly reported several CVE rated issues that were only present in versions 9.4 to 9.10.

  • Best Practice Security Audit for FortiOS

    v6.4.15

    • The check “Weak User Account Lockout Policy Setting” was incorrectly returned when lockout was set to 5 attempts.

    • The check “No RIP Update Neighbors Were Configured” was incorrectly returned when RIP was disabled.

    v7.2.8

    • Incorrect detection of password policies.

    v7.2.6

    • The following two findings were incorrectly returned when "Idle Timeout" set in configuration - "No SSH Session Timeout" & "No HTTPS Service Session Idle Timeout".

• Resolved an error when exporting STIG benchmark report to XML.

• Resolved an error whereby, for Juniper SRX Firewall, the 'Name' field was showing the imported configuration path on the host rather than its hostname.

• Amendments to Best Practice Security report including minor text changes and missing bullet points.

• Amended “Details” section within Properties with updated versioning and Copyright.