Reporting and System Requirements
Nipper has a wealth of different report options to fit your auditing needs
Best Practice Security Audit
Perform a Best Practise Security Audit (combining multiple industry checks). Use rating systems and mitigation advice to prioritize and plan your fixes.
Detailed configuration reporting
Including: filtering, routing protocols, administration services and more. This report offers a quick, clear view of your device settings.
Audit against globally known vulnerabilities
Including US Government National Vulnerability Database (NVD) and NIST Common Vulnerability and Exposure (CVE) databases. Security issues in the public domain are easy to exploit; this report helps you quickly identify these risks.
The Center for Internet Security (CIS) benchmark reports
These reports can be run against Cisco ASA and IOS devices. The reports have been externally certified by CIS and verified as auditing against their baseline.
PCI DSS audits
PCI (Payment Card Industry) audits perform the automatable system checks and supports integrating this verified data with nonautomatable policy checks. Results offer: detailed advice, verifying passes and explaining failures so you can quickly become compliant.
US Military STIG compliance
This audit was developed in conjunction with DoD IA user groups. Nipper is favored by many Government and Defense agencies because reports are detailed, verifiable and include remediation in line with STIG baselines. Reports can be generated offline for secure environments and scaled to audit any number of devices.
Compliance audit against SANS policy documents
The SANS Institute is a trusted industry body which also trains information security professionals. Their policy is a compliance benchmark to audit against in order to assess your security level.