Importing and Exporting Data
Importing Primary Data
Once a workspace is created, the user can begin importing configuration files from Firewalls, Routers and Switches. To start the process, the user can drag and drop the files onto the topology map area or use the +import -> Manual Import workflow. One or more supported configuration files can be loaded at one time. Once the files are selected, the user can review the files for accuracy, clicking the x to remove one or more devices and then clicking the Import button to begin the process.
Files from supported Network management Systems can also be imported. Once the Import button is selected, a list of included devices will be provided for selection. Once the list of files is selected, clicking the Import button again will begin the upload and import process.
Note that device licenses are applied upon first import. As the files are loaded, the available license count is decremented and the device is tracked across all workspaces. See the licensing section for more details.
NP-View can also be configured to automatically retrieve files from devices, network management systems and file shares on a schedule. See the Connectors section for more information.
Initial data processing can take some time depending on the quantity and size of the files imported. A status of the importing files will be displayed on the import menu and an indicator of the number of background processes running for all users will appear next to your user name in the upper right corner. Upon completion of processing, the Home view will be displayed.
Device Identification
NP-View uses device heuristics to attempt to classify a device type. As many devices can use the same configuration file, it may be difficult for accurate classification. For example: the same Cisco IOS can be run on different Cisco hardware and the hardware definition is not present inside the configuration file. The device classifier tries to recognize routers vs firewalls using a few known syntax difference like in expressing static routes:
- IP route in router configs versus
- route in ASA firewall
But, this does not guarantee a perfect match (i.e. a router might not have static routes and instead use dynamic routing). By convention, the classifier will categorize a device as firewall if the config contains access lists. If a device is misclassified, the user can change the device type using the info panel for that device.
Importing Auxiliary Data
Once the relevant configuration files (priority 1) are loaded, the user can choose to add auxiliary data to enrich and augment the analysis and topology visibility. As multiple files can have similar data, we have implemented a data loading precedence to facilitate data enrichment and prioritization.
Priority |
File Types |
Content |
How Used |
Supported Products |
| 2 | nmap, nessus, nexpose, qualys | CVE info (ID, severity, Exploitability, Remediation suggestion) | Enrichment & Change Tracking | Professional & Enterprise |
| 3 | nmap, nessus, nexpose, qualys | Host Discovery (IP, HW Address, status), OS and Services | Enrichment & Change Tracking | Professional & Enterprise |
| 4 | netstat | Host Discovery (IP, status), OS and Services | Enrichment & Change Tracking | Professional & Enterprise |
| 5 | ARP | MAC Address, Host | Enrichment & Change Tracking | Professional & Enterprise |
| 6 | hosts (user created) | Text (IP / Hostname) | Enrichment & Change Tracking | All |
| 7 | Wireshark | Network Traffic (PCAP)
Under development and available as beta only |
Enrichment | Enterprise |
Importing Legacy NP-View Gen 1 Data
NP-View Gen I Project Import
Administrator and Workspace Admin's can import a previously saved project file from NP-View Gen I (Java). The user can drag and drop the project file on to the workspace page or into an open workspace. If the user loads a project file into an existing workspace, the workspace contents will be replaced with the contents of the project file. If the user loads the project file onto the workspaces page, it will be processed as if it is a new workspace and request name and compliance type. When a project file is imported, complete end-to-end processing of the data is required and may take several minutes for the topology to render. The topology, zones and comments from a NP-View Gen I project will be imported into NP-View. Workspaces exported from NP-View cannot be opened in NP-View Gen I.
Tip: one or more saved workspace or NP-View Gen I projects can be dropped onto the workspaces page. A new workspace will be created with the name of the file and the information loaded into the new workspace.
Exporting Comments and Metadata
The entire Access rule and Object group table and its contents can be exported to an Excel formatted document. The export will only contain the visible columns in the report.
It is important to keep the comments columns (Comment, Comment Author, Comment Status) visible as well as the Object Id column as they are required for subsequent import.
It is recommended that at least one row of data be manually filled in with metadata before export to fully populate the template with examples of the field format.
For Access Rules, there are three export options:
- Export to Excel – Exports visible cells to an excel file
- Export to Excel with history – Exports visible cells to an excel file with comment and metadata history.
- Export to Excel with expanded objects – Exports visible cells to an excel file with expanded object groups and objects.
For Object Groups, there are two export options:
- Export to Excel – Exports visible cells to an excel file
- Export to Excel with history – Exports visible cells to an excel file with comment and metadata history.
Once the export button is clicked, the file (rule.xlsx, or object.xlsx) will automatically download.
The naming of the file is critical for subsequent uploading of metadata.
- The file name must end with ‘rule.xlsx’ or ‘object.xlsx’
- Valid names: Halloween_rule.xlsx, christmas_object.xlsx
- Invalid names: rule_a.xlsx, rule(2).xlsx, object(1).xlsx
The file will contain all of the visible table columns plus multiple columns of metadata for each comment.
- Comment and metadata fields are free form text.
- Binary fields will accept True and False
- Date fields will accept dates in the format of mm/dd/yyyy
- The user can make updates to an existing comment field which will be treated as a new record.
- The user can add, update or clear content in the custom fields columns which will be treated as a new record.
- Updates to standard fields unchanged fields are ignored on import.
Enriching Metadata
As part of the audit process, Comments can be updated for Access Rules and Object groups as discussed here. Once the primary and secondary data is loaded, the user may want to bulk load justification data into the Access Rules and Object Groups tables.
Access Rules
The access rules export will contain four columns of data for each comment as below.
- Comment field contains the user entered text. If cleared or left blank, the comment will be updated accordingly.
- Comment Status choices are ‘Verified’, ‘To Revise’, ‘To Review’ or can be left blank.
- The Comment Author field contains the user who entered the last change. Upon import, this field will be automatically populated with the userid of the importer. Manual inputs into this field will be ignored.
- The Comment Date field contains the date of last change. Upon import, this field will be automatically populated with the current date if a change has been detected. Manual inputs into this field will be ignored
Object Groups
The Object groups export works the same as the Access rules except the Criticality column will accept ‘Low’, ‘Medium’, ‘High’ or can be left blank.
Importing Metadata
Once the file is updated and saved, the user can use the +Import function or simply drag and drop the file into the workspace for upload.
Only metadata fields that have been added or changed will be imported. A time stamp and username of the importer will be applied when imported. The results will be viewable in the report after processing is complete and the report has been refreshed. Updates to comment and metadata history, standard NP-View fields and expanded objects will be ignored upon import.
Note that the import keys on multiple fields to match data. The following fields are required in the file to properly import.
- Object ID
- Comment
- Comment Status
- Comment Author
- Comment Date
