Network Configuration

This enables Network administrators to efficiently manage remote IT networks and IP-enabled security devices from a centralized location.

Key benefits:

Discover and audit all changes on Network devices
Backup and Restore Device configurations
Authorized Configuration changes
Distribute Operating system and patch updates
Detect network changes and alert via E-mail, SMS, Syslog, and Helpdesk tickets
Perform differential Audits between configuration versions
Establish and enforce compliance through compliance and Baseline Policies
Provide role-based access control
Detect and report vulnerable devices with remediation strategies
Report all Aspects of Network Device Configurations, Changes, and Compliances
Automatic Remediation for Device Policy Compliance to a Specific or Default Configuration.

The NCCM module of Infraon consists of additional modules listed further.

Configuration Download

Calendar View – Calendar View provides a daily activity summary, including successful, failed, completed, and total configurations processed.
Configuration Parameters - These parameters encompass various aspects of the device's operation, including network settings, security policies, access controls, and performance configurations.
Configuration Profile - A configuration profile is a template or predefined set of configuration settings that network administrators can create and customize with information like device details and connection protocols for SSH and Telnet.
Configuration Search - Configuration Search specifically focuses on download jobs, allowing users to view or export the Startup or Running configurations within these jobs to identify any configuration.
Download Jobs - Download jobs are tasks that retrieve configurations from network devices for backup, analysis, auditing, or comparison.
OS Image - OS images are used primarily for managing and deploying configuration changes across network devices such as routers, switches, and firewalls.
OS Image Download Schedular - This feature compares the configuration data by downloaded version or file.

Configuration Upload

Configuration Template - Configuration templates hold the commands for uploading jobs and making changes to network devices, including provisioning, OS upgrades, creating or deactivating services, and any other change.

Utilities

Configuration Comparison - This feature compares the configuration data by downloaded version or file.
Configuration File Compare - Compares the Configuration File provided by the user.
Generate MD5 - Generate MD5 Key.

Policies

A policy is a statement of intent implemented as a procedure or protocol. A governance body generally adopts it within an organization.

Policies defined by the organization for internal reference are known as Baseline Policies. In contrast, policies defined by external bodies or organizations based on the nature of an organization's business are known as Compliance Policies.

Policies can be categorized into three sections:

Rule – A simple condition or a basic checkpoint.
Rule Group - A collection of rules.
Policy - A collection of rule groups.

Rules are simple conditions used as basic checkpoints. Multiple category rules are clubbed to form a Rule Group, which meets a Compliance Policy.

NCCM enables Rule configuration, Rule Group Configuration, and Policy configuration. Some policies, like NIST, PCI DSS v3.2, etc., are preconfigured on NCCM. The rules must be added first to add a new policy, then grouped together and added into a Policy. When NCCM runs policy check:

Rule Check – Rule Information, Match Criteria, and remedy Action are configured here.
Rule Group check – Selected rules (per the above configuration) are checked on the Devices according to the IP range, Device Vendor, and Device configured here.
Policy Check – Selected Rule Groups are executed based on the Policy Start and End dates and the schedule configured here.

Note: Each policy is configured with multiple rules and rule groups to ensure the configurations are per compliance and/or golden template.

CLI Access Profile

Authentication Profile - This profile manages user authentication for accessing network devices via CLI. It verifies user identity before granting access, ensuring only authorized users can initiate CLI sessions. The Authentication Profile allows users to use SSO (Single Sign-On) to access network devices as per the configurations.

Authorization Profile – This profile defines user access levels and permissions for network devices, ensuring only authorized users can execute commands or modify configurations.

It integrates the AAA (Authentication, Authorization, and Accounting) security framework, aligning with NCCM’s Block, Notify, and Terminate actions to enforce security policies by restricting unauthorized actions, alerting admins, or terminating sessions when necessary.

Let's see each one in detail:

PreviousMaintenance NextBaseline Scheduler

Last updated 1 month ago

Was this helpful?

Configuration Download

Calendar View – Calendar View provides a daily activity summary, including successful, failed, completed, and total configurations processed.

Configuration Parameters - These parameters encompass various aspects of the device's operation, including network settings, security policies, access controls, and performance configurations.

Configuration Profile - A configuration profile is a template or predefined set of configuration settings that network administrators can create and customize with information like device details and connection protocols for SSH and Telnet.

Configuration Search - Configuration Search specifically focuses on download jobs, allowing users to view or export the Startup or Running configurations within these jobs to identify any configuration.

Download Jobs - Download jobs are tasks that retrieve configurations from network devices for backup, analysis, auditing, or comparison.

OS Image - OS images are used primarily for managing and deploying configuration changes across network devices such as routers, switches, and firewalls.

OS Image Download Schedular - This feature compares the configuration data by downloaded version or file.

Policies

A policy is a statement of intent implemented as a procedure or protocol. A governance body generally adopts it within an organization.

Policies can be categorized into three sections:

Rule – A simple condition or a basic checkpoint.

Rule Group - A collection of rules.

Policy - A collection of rule groups.

Rules are simple conditions used as basic checkpoints. Multiple category rules are clubbed to form a Rule Group, which meets a Compliance Policy.

Rule Check – Rule Information, Match Criteria, and remedy Action are configured here.

Rule Group check – Selected rules (per the above configuration) are checked on the Devices according to the IP range, Device Vendor, and Device configured here.

Policy Check – Selected Rule Groups are executed based on the Policy Start and End dates and the schedule configured here.

Note: Each policy is configured with multiple rules and rule groups to ensure the configurations are per compliance and/or golden template.

CLI Access Profile

Authentication Profile - This profile manages user authentication for accessing network devices via CLI. It verifies user identity before granting access, ensuring only authorized users can initiate CLI sessions. The Authentication Profile allows users to use SSO (Single Sign-On) to access network devices as per the configurations.

Authorization Profile – This profile defines user access levels and permissions for network devices, ensuring only authorized users can execute commands or modify configurations.

Let's see each one in detail: