ANA Integration

ANA is a continuous auditing system developed by the CCN-CERT. It analysis common vulnerabilities. Moreover, it centralizes and standardizes all the security inspections carried out. This integration between EMMA (openNAC) and ANA will allow EMMA to gather more information about the network devices.

The following figure illustrates the information flow (Offline Mode).

The information is encrypted and decrypted using keys in order to secure it. The following list provides a description of the whole proccess.

1. The user adds the network devices to the CMDB
2. Then the Network Device Compliance tests are executed on the network devices. The corresponding TAGs are created and assigned to them.
3. Then the user exports this data using the ANA format. This export is encrypted using ANA’s public key.
4. Afterwards the user downloads the export.
5. Then the user will import the file into ANA
6. ANA will decrypt the data using ANA’s private key
7. ANA will process this information and search for vulnerabilities that the network devices might contain based on manufacturer/model/version/etc.
8. Afterwards ANA will generate a new file containing this information. This file is encrypted with EMMA’s public key.
9. The user will then import this file into EMMA. EMMA will decrypt the file using EMMA’s private key.
10. The file is then processed and the new TAGs are assigned to the network devices.

Keys:

in order to create or import ANA’s public key the user can go to Configuration → Configuration vars → Advanced

In the left panel the user can create a new pair of keys. On the right panel, the user can upload ANA’s public key.

In both cases the user can enable the use of this keys using their respective slider.