Main
>
Feature Documentation
>
Identifying Risks

Identifying Risks

Updated
February 24, 2024

Risk and Warnings are generated using Policies and Requirements located in the Policy Manager.  NP policies and requirements are automatically assigned to all devices when they are imported and run when network device configuration changes are identified.

The following default policies are provided for all Compliance modules:

  • Default Parser Risk Policy – triggers from device configuration file parser log.
  • Default Access Rules Risk Policy – triggers from access rules report

CiS Benchmarks are provides as part of the Best Practices Module

  • CiS Benchmark for Check Point
  • CiS Benchmark for Cisco
  • CiS Benchmark for Juniper
  • CiS Benchmark for Palo Alto

Policy Management

Each policy is broken down into a set of requirements that are used to identify potential network risks. Review the details of the Policy Manager in this section.

Risk Assessment Grading

At any given time, a monitored device can have one or more open risks or warnings. This information is used by our Grading algorithm to provide each device with a letter grade. The quantity, criticality and type of open risks and warnings go into the calculation.

This grade informs the users which devices have the highest security or compliance risks. The lower the letter grade, the higher the risk.

The grade for each monitored device can be seen by clicking on a device on the topology map and reviewing the Risk Assessment Grading on the device menu. Clicking on the menu item displays the details that went into the grade.

An depiction of the data flow is as follows:

Calculating Device Risk Grade

+

The Device Risk Grade is calculated using the following weights:

  • High = 5
  • Medium = 3
  • Low = 1

The Device Risk Grade is calculated using a simple equation, for example: (5 high * 5) + (1 low * 1) = 26 -> 100 – 26 = 74 -> C

  • 90 -> 100 = A
  • 80 -> 89 = B
  • 70 -> 79 = C
  • 60 -> 69 = D
  • Else F

Issue Status is used to exclude both Resolved and Fixed issues from the calculation.

Related

Feature Documentation

Articles

Access Rules Report
Asset Inventory Report
Background Tasks
Change Tracking Report
Connectivity Matrix
Connectivity Paths Report
Compare Path History
Export Map
Highlight Paths
Importing and Exporting Data
Interfaces Report
Manage Views
Manage Zones
NAT Rules Report
Network Visualization
Network Visualization - Layer 2
Notification Manager (Server)
Object Groups Report
Path Analysis
Policy Manager
Risks & Warnings Report
Routes Report
Rule Usage Analysis (Server)
Smart Search
Summary Reports
System Logs
Topology Annotations
Topology Map
Users & Groups (Server)
Verified Assets
Workspaces
Workspace Reports
Zone Matrix
Access Rules Report
Asset Inventory Report
Background Tasks
Change Tracking Report
Connectivity Matrix
Connectivity Paths Report
Compare Path History
Export Map
Highlight Paths
Identifying Risks
Importing and Exporting Data
Interfaces Report
Manage Views
Manage Zones
NAT Rules Report
Network Visualization
Network Visualization - Layer 2
Notification Manager (Server)
Object Groups Report
Path Analysis
Policy Manager
Risks & Warnings Report
Routes Report
Rule Usage Analysis (Server)
Smart Search
Summary Reports
System Logs
Topology Annotations
Topology Map
Users & Groups (Server)
Verified Assets
Workspaces
Workspace Reports
Zone Matrix
Table of Contents
Example H2
Example H3
Example H4
Example H5
Example H6
Solutions
NP-View
Network Visibility
Network Auditing
Network Segmentation
NERC-CIP Compliance
Resources
Blog
White Papers
Case Studies
Product Walkthrough
All Resources
Company
About
Partnerships

© 2024 Network Perception. All Rights Reserved.

Privacy PolicyTerms of ServicePCI Compliance