NAVV Tool: Network Architecture Verification & Validation Tool

Automates network traffic analysis using Zeek IDS logs, generating an Excel summary for easy data sorting and analysis.
Technology No. CW-21-40
The NAVV Tool automates the analysis of network traffic observed using Zeek IDS software. It creates a summary table in Microsoft Excel by collating and dissecting logs. The table can be updated with network segments and inventory information. The tool helps identify unauthorized communication between network segments, services and protocols used, and the status of connections. It is a simple open-source solution for network analysis. The Excel spreadsheet generated by the NAVV Tool allows easy sorting and finding of relevant data. The Analysis Table includes columns for network flow count, source and destination IP addresses, destination port, protocol, and connection state. Additional columns for source and destination names, service, and notes are also added. The tool can be re-run to match segments and inventory with IP addresses and labels. Cell and font colors can be used for sorting by network zones and IP values. The tool was initially created as a VBA script in an Excel worksheet and later moved to Python. It can be installed on a Linux machine to analyze network traffic.

GitHub repository: https://github.com/idaholab/NAVV
  • swap_vertical_circlemode_editAuthors (3)
    Donovan Nichols
    Seth Grover
    Timothy Wakeman
  • swap_vertical_circlecloud_downloadSupporting documents (0)
Questions about this technology?