28 Replies Latest reply on Dec 24, 2013 10:15 AM by damiancbessemer

    Policy Reporting

      In the Cirrus version 3, SolarWinds is adding Policy Reporting.  Included within Cirrus will be numerous out-of-the-box policy reports.  We want to ensure we include the types of policy reports our customers would want to see included.  Please let me know what types of rules you would like to see included in these default policy reports.  An example would be as follows:

      Business Logic - Show me all Cisco devices with public as a read only community string

      Syntax - snmp-server community public RO

      Please email comments to Haley_Oyler@Solarwinds.Net

      Thank you,
      Haley Oyler
        • Re: Policy Reporting
          irishjd

          Hi Haley,

          We are a Dept. of the Army shop, and as such have to comply with DISA Security Technical Implementation Guides (specifically the  Network STIG V7R1). Any chance that you guys could get with DISA and come up with compliance reports for the STIGs?

          Jon

            • Re: Policy Reporting

              I second Jon's request!!!  The policy reporter policies seem to aim at SOX requirements.  I would like to see policies checks applicable to goverment requirements (FISMA, DISCAP).  Policy compliance include; NSA/DISA Stigs, CIS at least for now.  We're currently having to use the CIS Router Auditor Tool (RAT) tool in order to provide compliance reports.   Any assistance would be greatly appreciated.  

                • Re: Policy Reporting
                  irishjd

                  Not to sound like I am begging (but I am ;-), is there any chance that the DoD/Government compliance reports (i.e. STIG, DIACAP, FISMA, etc.) will be added? We really, really, really need these compliance reports in our environment. Currently, the only way we can do these is manually (RAT works on the routers, but that is all). When you have several hundred devices to maintain, this becomes an unsurmountable task. Please add these compliance reports!

                  Jon

                    • Re: Policy Reporting

                      Has anyone had any luck transposing the DISA STIG's into NCM Policies & Rules? The reason I ask is, I am trying to do the same.

                      If anyone has had any success and would be willling to exchange rules, please let me know.

                       

                      Thanks,

                      Jeff :) 

                        • Re: Policy Reporting
                          irishjd

                          Unfortunately not, and I have not received any feedback from SW about my request to have it added. Now that SW is on the "approved software" list for DoD, I know that a lot of us DoD folks are probably using it. These reports would be a HUGE bennefit for us all!

                          Jon

                            • Re: Policy Reporting
                              chris.lapoint

                              We're absolutely looking at improvements to Policy Reporting in future releases.   In addition to more out of the box reports, we really want to give users the ability to share rules, policies, and reports they've written to help populate content more quickly.    If you have Policy Reports that you've already written that you'd be willing to share, please let me know.

                    • Re: Policy Reporting
                      christineb

                      If there is anyone on this thread that is interested in joining the 6.1 RC - please send me a note. We are starting to provision it now. 

                      --Christine

                        • Re: Policy Reporting
                          irishjd

                          Hi Christine,

                          I was just doing some research and ran across something I was not aware of that relates to this. There are now multiple STIGs for different classes of devices and for which layer they are operating at. Most of them were just updated in October, and here is a listing off all of the Networking STIGs that are currently in effect:

                          Network Infrastructure STIG Version 8 Release Memo March 24, 2010196 KBPDF
                          Network Firewall Version 8, Release 4 Manual STIGOctober 29, 20102,075 KBZIP
                          Network L2 Switch Version 8, Release 4 Manual STIGOctober 29, 20102,050 KBZIP
                          Network IDS/IPS Version 8, Release 4 Manual STIGOctober 29, 20102,016 KBZIP
                          Network Infrastructure Router L3 Switch Version 8, Release 4 Manual STIGOctober 29, 20102,215 KBZIP
                          Network Other Devices Version 8, Release 4 Manual STIGOctober 29, 20102,020 KBZIP
                          Network Perimeter Router L3 Switch Version 8, Release 4 Manual STIGOctober 29, 20102,325 KBZIP
                          Network Policy Version 8, Release 4 Manual STIGOctober 29, 20102,050 KBZIP
                            • Re: Policy Reporting
                              christineb

                              Hi Jon - we're focusing on Cisco right now. However, we hope that with the new ability to share compliance content within the community, there will quickly be additions available. I would imagine that compliance reports might require some customization for each individual environment, no matter how comprehensive they are - so we focused on providing a good foundation and making the reports easy to build on. 

                              Once we get the report out - we'll definitely be listening for where we should focus enhancements.

                              --Christine

                          • Re: Policy Reporting
                            damiancbessemer

                            Hello,

                             

                            Is there a CIS compliant reporter?

                             

                            Thank You