Documentation

Purpose: Automate network device data collection, configuration validation, and security/compliance checks

This application provides a comprehensive view of your network device, like a switch or router, and helps ensure that device configuration is free from vulnerability. The application also allows for automated remediation of any issues found during the checks.

Audience: Network engineers, security analysts, and infrastructure teams

This light application is designed to streamline the security process and improve overall network performance. It helps security teams quickly identify vulnerabilities and weaknesses in their network infrastructure. It also provides recommendations for how to address and mitigate these issues effectively.

Technology Stack: Netmiko, PyQt5 (for GUI), Python 3.9 , and Cisco IOS

Application is based on the latest technology stack for optimal performance and efficiency. The application uses Netmiko and PyQt5 to interact with Cisco IOS devices and automate CLI operations. The list of python library requirements is as stated below:

Netmiko (for CLI automation)

Netmiko is a Python library designed to simplify SSH-based interactions with network devices. Built on top of the Paramiko library, it provides an abstraction layer to handle the complexities of CLI automation, enabling seamless communication with a wide range of networking equipment, including Cisco IOS devices.

Key Features of Netmiko:

Multi-Vendor Support: Supports various network device vendors, including Cisco, Juniper, Arista, and more.

Reliable SSH Connectivity: Manages SSH sessions with error handling and reconnection logic.

Command Execution: Enables the execution of CLI commands, configuration changes, and data retrieval.

Configuration Management: Facilitates "send_config_set" for bulk configuration changes.

File Transfer: Supports SCP for transferring files to/from devices.

How Netmiko is Used in the NetSafe Auditor Application:

Device Interaction: Establishes SSH connections to Cisco IOS devices for executing commands.

Automation of Tasks: Automates repetitive tasks like configuration retrieval, auditing, and applying changes.

Data Collection: Gathers device data (e.g., running configurations, interface status) for analysis.

Error Management: Ensures robust execution with built-in retries and exception handling.

Netmiko forms the backbone of the application's automation capabilities, handling all device-facing operations efficiently and securely.

PyQt5 (for GUI)

PyQt5 is a comprehensive set of Python bindings for the Qt application framework, enabling the development of cross-platform graphical user interfaces. It provides a rich set of tools to create highly interactive and visually appealing desktop applications.

Key Features of PyQt5:

Cross-Platform Compatibility: Runs seamlessly on Windows, macOS, and Linux.

Wide Range of Widgets: Offers a variety of prebuilt widgets for buttons, tables, forms, and more.

Customisability: Allows for extensive customisation of the interface.

Event Handling: Simplifies the implementation of user interactions and application logic.

Advanced Features: Includes support for threading, network operations, and database integration.

How PyQt5 is Used in the NetSafe Auditor Application:

User Interface Design: Provides a clean, intuitive GUI for users to interact with the application.

Features: Devices can be scanned, configurations can be audited, and vulnerabilities can be assessed through user-friendly menus, buttons, and forms.

Real-Time Feedback: Displays results (e.g., audit reports, configuration details) dynamically using widgets like tables and graphs.

Input Handling: Accepts user input for tasks like specifying device IPs, credentials, or configuration standards.

Threading Integration: Ensures the GUI remains responsive even during long-running network operations, such as scanning or auditing.

PyQt5 transforms the NetSafe Auditor application's functionality into a user-friendly experience, making it accessible to network engineers without requiring deep technical expertise.

Python 3.9 - Requirements

Python 3.9 serves as the foundation for the NetSafe Auditor application, offering stable features and performance enhancements that ensure optimal application efficiency and maintainability.

Key Features of Python 3.9:

Enhanced Syntax: Includes features like dictionary union operators (|), type hinting improvements, and more.

Rich Standard Library: Provides stable built-in modules for file handling, threading, logging, and network communication.

Third-Party Ecosystem: Access to a vast array of libraries like Netmiko and PyQt5.

Performance Improvements: Enhanced performance and memory usage compared to earlier versions.

How Python 3.9 is Used in the NetSafe Auditor Application:

Core Logic: Powers the application's main functionalities, from CLI automation to data processing.

Library Integration: Integrates Netmiko for network automation and PyQt5 for GUI development.

Data Handling: Uses Python's data structures and libraries to process and analyse device configurations.

Cross-Compatibility: Ensures the application runs seamlessly across multiple platforms with minimal changes.

Python 3.9 provides the adaptability with stability and power needed to develop a scalable and maintainable application.

Supported Platforms: Cisco (initial support), Juniper, MikroTik (planned)

Currently the application supports Cisco routers and switches. Integration with Juniper and MikroTik devices will be available in future updates.

Deployment Options: Bare metal, Docker container, or VM

Application is being tested in VMWare lab integration and on physical Cisco hardware. Testing on Juniper and MikroTik devices is expected to be completed by the end of the next few months.

System Requirements for the Application

To ensure optimal performance and functionality of the NetSafe Auditor application, the following Python packages are required. However, as the application is provided as a compiled executable (EXE) for Windows, end users do not need to install these packages separately. The necessary dependencies are bundled within the executable, allowing for a seamless user experience.

Required Python Packages (for compilation only):

netmiko: A multi-vendor library that simplifies SSH connections to network devices.

sqlite3: A lightweight database engine that is included with Python, used for data storage and retrieval.

pprint: A module for "pretty-printing" Python data structures, making them easier to read.

colorama: A library that makes it easy to use coloured text in terminal applications.

 pandas: A powerful data manipulation and analysis library, ideal for handling structured data.

PyQt5: A set of Python bindings for the Qt libraries, used for creating graphical user interfaces (GUIs).

End User Instructions

No Installation Required: As the application is provided as a compiled executable (EXE) file, end users do not need to install Python or any additional libraries. Simply download the EXE file and run it directly on your Windows machine. For Linux systems, refer to the deb file. 

Compatibility: The application is designed to run on Windows and Linux operating systems. Ensure your system meets the basic requirements for running Windows/Linux applications.

User-Friendly: The application features a graphical user interface (GUI) built with PyQt5, making it easy to navigate and use without any technical knowledge.

By following these guidelines, you can enjoy the full functionality of the application without the hassle of installation or configuration.

Lab Setup

The Safe Auditor network automation and auditing application has been rigorously tested to ensure seamless functionality in both lab environments and real-world network settings. Designed to deliver reliability and flexibility, the application has been evaluated on the following platforms:

PnetLab: Tested in a simulated lab environment to replicate real-world network scenarios, ensuring full compatibility with virtualised network devices.

VMware: Verified on virtual machines running the application, proving its ability to operate efficiently in virtualised infrastructures.

Windows Systems: Fully tested on Windows and Linux-based systems, guaranteeing smooth operations for desktop users.

Physical Cisco Routers and Switches: Extensively tested on actual Cisco devices to validate real-world performance, compatibility, and full functionality.

Purpose and Versatility

The primary goal of testing across these platforms is to ensure the application:

Operates in Lab Environments: Enabling users to experiment, learn, and prepare for real-world deployment without risking production networks.

Excels in Real-World Networks: Providing robust automation, auditing, and vulnerability detection for live Cisco routers and switches.

Whether in a controlled lab setup or a live enterprise network, the application delivers its full suite of features, ensuring consistent, reliable, and efficient network management for all use cases.

PnetLab virtual lab guide (virtual machine deployment)

PnetLab (formerly known as "UnetLab") is a network emulator that allows you to run virtual network devices (Cisco, Juniper, Linux, etc.) for lab practice. Below are the steps to install it on VMware Workstation/Player on Windows.

Prerequisites

1. VMware Workstation Pro/Player (Download Here)

2. PnetLab OVA File (Download Here)

3. At least 8GB RAM (16GB+ recommended for larger labs)

4. 50GB+ Free Disk Space

5. VT-x/AMD-V Enabled in BIOS (for virtualization)

Step 1: Import PnetLab OVA into VMware

1. Open VMware Workstation/Player.

2. Click File → Open and select the downloaded .ova file.

3. Click Import and wait for the process to complete.

Step 2: Configure VM Settings

1. Right-click the imported VM and select Settings.

2. Adjust the following:

   • Memory (RAM): 8GB+ (Recommended: 16GB for smooth performance).

   • Processors: 2+ CPU Cores (4 recommended).

   • Network Adapter: Set to Bridged (for direct network access).

   • Hard Disk: Expand if needed (default is 40GB).

3. Click OK to save changes.

Step 3: Start the PnetLab VM

1. Power on the VM.

2. Wait for the boot process to complete (takes a few minutes).

3. The VM will display an IP address (e.g., 192.168.1.100). Note this IP.

Step 4: Access PnetLab Web Interface

1. Open a web browser on your Windows host machine.

2. Enter the PnetLab VM’s IP in the address bar (e.g., https://192.168.1.100).

3. Login Credentials:

   • Username: admin

   • Password: pnet (default)

Step 5: Upload Network Device Images (Optional)

PnetLab requires device images (e.g., Cisco IOS, Juniper vSRX).

1. Download images from vendor websites (e.g., Cisco VIRL, Juniper vMX).

2. In PnetLab’s web UI:

   • Go to "Templates" → "Manage Files".

   • Upload .qcow2 or .vmdk files for your devices.

Step 6: Create Your First Lab

1. Click "Labs" → "Add Lab".

2. Drag devices (routers, switches) from the left panel.

3. Connect them using cables (right-click devices → "Add Link").

4. Start devices and use the console to configure them.

Troubleshooting

• No IP Assigned?

  • Check VMware’s network settings (Bridged mode recommended).

  • Run ifconfig inside the PnetLab VM to verify connectivity.

• Slow Performance?

  • Increase RAM/CPU allocation in VMware settings.

  • Close unnecessary background apps.

• Web UI Not Loading?

  • Ensure HTTPS is used (https://[IP]).

  • Clear browser cache or try another browser.

Final Notes

• PnetLab is free but has a paid version with extra features.

• For Cisco IOS images, ensure you have legal access (e.g., CML/VIRL licenses).

• Consider bridged networking for external device access.

Let me know if you need help with specific device setups!