Network Configuration

This enables Network administrators to efficiently manage remote IT networks and IP-enabled security devices from a centralized location.

Key benefits:

• Discover and audit all changes on Network devices

• Backup and Restore Device configurations

• Authorized Configuration changes

• Distribute Operating system and patch updates

• Detect network changes and alert via E-mail, SMS, Syslog, and Helpdesk tickets

• Perform differential Audits between configuration versions

• Establish and enforce compliance through compliance and Baseline Policies

• Provide role-based access control

• Detect and report vulnerable devices with remediation strategies

• Report all Aspects of Network Device Configurations, Changes, and Compliances

• Automatic Remediation for Device Policy Compliance to a Specific or Default Configuration.

The NCCM module of Infraon consists of additional modules listed further.

Configuration Download

• Calendar View – Calendar View provides a daily activity summary, including successful, failed, completed, and total configurations processed.

• Configuration Parameters - These parameters encompass various aspects of the device's operation, including network settings, security policies, access controls, and performance configurations.

• Configuration Profile - A configuration profile is a template or predefined set of configuration settings that network administrators can create and customize with information like device details and connection protocols for SSH and Telnet.

• Configuration Search - Configuration Search specifically focuses on download jobs, allowing users to view or export the Startup or Running configurations within these jobs to identify any configuration.

• Download Jobs - Download jobs are tasks that retrieve configurations from network devices for backup, analysis, auditing, or comparison.

• OS Image - OS images are used primarily for managing and deploying configuration changes across network devices such as routers, switches, and firewalls.

• OS Image Download Schedular - This feature compares the configuration data by downloaded version or file.

Configuration Upload

• Configuration Template - Configuration templates hold the commands for uploading jobs and making changes to network devices, including provisioning, OS upgrades, creating or deactivating services, and any other change.

Utilities

• Configuration Comparison - This feature compares the configuration data by downloaded version or file.

• Configuration File Compare - Compares the Configuration File provided by the user.

• Generate MD5 - Generate MD5 Key.

Policies

A policy is a statement of intent implemented as a procedure or protocol. A governance body generally adopts it within an organization.

Policies defined by the organization for internal reference are known as Baseline Policies. In contrast, policies defined by external bodies or organizations based on the nature of an organization's business are known as Compliance Policies.

Policies can be categorized into three sections:

• Rule – A simple condition or a basic checkpoint.

• Rule Group - A collection of rules.

• Policy - A collection of rule groups.

Rules are simple conditions used as basic checkpoints. Multiple category rules are clubbed to form a Rule Group, which meets a Compliance Policy.

NCCM enables Rule configuration, Rule Group Configuration, and Policy configuration. Some policies, like NIST, PCI DSS v3.2, etc., are preconfigured on NCCM. The rules must be added first to add a new policy, then grouped together and added into a Policy. When NCCM runs policy check:

• Rule Check – Rule Information, Match Criteria, and remedy Action are configured here.

• Rule Group check – Selected rules (per the above configuration) are checked on the Devices according to the IP range, Device Vendor, and Device configured here.

• Policy Check – Selected Rule Groups are executed based on the Policy Start and End dates and the schedule configured here.

Let's see each one in detail: