- RNP - Rede Nacional de Ensino e Pesquisa
- Academic Sector
The goal of OpenNetAudit is to develop an application for network security auditing that allows users to check configuration and software objects following security best practices. The software will be composed of the most modern libraries, such as Napalm, Nornir, Netmiko, supporting standard formats such as yaml and json, to interact with network devices in an abstract manner. This is an open and broad solution to audit network security. OpenNetAudit will enable network admins and security analysts to audit their network devices, receive feedback of well-known security best practices, and create custom rules to check specific aspects of their networks. The OpenNetAudit software is being developed to be used at the RNP network (Brazilian NREN) to audit its networking devices. RNP has developed a MVP; FRIDA funding will be used to add more fields to the system database and implement a hierarchy of objects (users, groups and sites); add filters to perform customized audits, enabling users to perform audits in subgroups; develop robust reports and a vulnerability tracking tool; add more vendors (Cisco, Huawei, etc.) to the devices supported by the system; add custom rules for auditing; and write up related software documentation.