This quide explains how hosts, interfaces and other assets can be manually added to the platform.
Before you begin, make sure to make these steps:
We assume that you have an empty testing database if you want to try these commands. See fcpc db erase
In the real world, we are using collections to feed data into the model. This guide is using fcpc add, fcpc update and other commands to feed data manually, showing the key principles.
Let's start - Add tags into the platform
01 - Add tags into the platform
02 - Add hosts into the platform
03 - Create networks
04 - Create interfaces and link them to hosts
05 - Adding Layer4 - ports
06 - Adding persons and accounts
07 - Link hosts to networks
08 - Adding applications and groups
09 - Add vulnerabilities, CVEs and patches
10 - Showing impacts of objects
11 - Object hierarchy explained
12 - History, transactions and audit
# Create tags
fcpc tag add test:tag1
fcpc tag add test:tag2
fcpc tag add test:tag3
fcpc tag add test:value1/
fcpc tag add test:unique1=
# Create hosts
fcpc add host/fw name="Firewall" hostname="fw" description="Firewall" ip=1.2.3.1 tag=zone:internet,test:tag1
fcpc add host/nginx name="Web_server" hostname="nginx" description="Web server" tag=zone:dmz,criticality:high,test:tag2
fcpc add host/elastic name="DB_server" hostname="elastic" description="DB server" tag=zone:dmz,criticality:high,test:tag3
fcpc add host/kibana name="Reporting_server" hostname="kibana" description="Reporting server" tag=zone:internal,criticality:low
# Create networks
fcpc add l2network/vlan34 name="Vlan34" description="VLAN 34" tag=zone:internet
fcpc add l3network/dc name="DC_network" ipnet=192.168.1.0/24 tag=zone:internal
fcpc add l3network/dmz name="DMZ_network" ipnet=192.168.99.0/24 tag=zone:dmz
fcpc add l3network/perimeter name="Perimeter_network" ipnet=1.2.3.0/29 tag=zone:internet
# Create interfaces and link them to hosts
fcpc add l3interface/fw_eth0 name="Eth0_on_fw" description="External interface" ip="1.2.3.1" tag=zone:internet
fcpc add l2interface/fw_eth0 name="Eth0_on_fw" mac="00:01:02:03:04:05"
fcpc add l1interface/fw_eth0 name="Eth0_on_fw" description="Eth0 port on fw"
fcpc add l3interface/fw_eth1 name="Eth1_on_fw" description="DMZ interface" ip="192.168.99.1" tag=zone:dmz
fcpc add l2interface/fw_eth1 name="Eth1_on_fw" mac="00:01:02:03:04:06"
fcpc add l1interface/fw_eth1 name="Eth1_on_fw" description="Eth1 port on fw"
fcpc add l3interface/kibana_eth0 name="Eth0_on_kibana" ip="192.168.1.10" tag=zone:internal
fcpc add l3interface/elastic_eth0 name="Eth0_on_elastic" ip="192.168.1.20" tag=zone:internal
fcpc add l3interface/nginx_eth0 name="eth0_nginx" ip="192.168.99.10" tag=zone:dmz
fcpc add l3interface/nginx_eth1 name="eth1_nginx" ip="192.168.1.5" tag=zone:internal
fcpc link l1interface/fw_eth0 ~is-on host/fw
fcpc link l2interface/fw_eth0 ~is-on host/fw
fcpc link l3interface/fw_eth0 ~is-on host/fw
fcpc link l1interface/fw_eth1 ~is-on host/fw
fcpc link l2interface/fw_eth1 ~is-on host/fw
fcpc link l3interface/fw_eth1 ~is-on host/fw
fcpc link l3interface/kibana_eth0 ~is-on host/kibana
fcpc link l3interface/elastic_eth0 ~is-on host/elastic
fcpc link l3interface/nginx_eth0 ~is-on host/nginx
fcpc link l3interface/nginx_eth1 ~is-on host/nginx
# Adding Layer 4 ports
fcpc add l4interface/fw_udp_500 name="Port 500 on FW" description="Port 500 on fw" ipprotocol=udp ipport=500 tag=zone:internet
fcpc add l4interface/kibana_5600 name="Kibana port" ipprotocol="tcp" ipport=5600 tag=zone:internal
fcpc add l4interface/elastic_9200 name="Elastic port" ipprotocol="tcp" ipport=9200 tag=zone:internal
fcpc add l4interface/elastic_9201 name="Elastic SSL port" ipprotocol="tcp" ipport=9201 tag=zone:internal
fcpc add l4interface/nginx_443 name="Nginx HTTPS port" ipprotocol="tcp" ipport=443 tag=zone:dmz
fcpc link l4interface/fw_udp_500 ~is-on host/fw
fcpc link l4interface/kibana_5600 ~is-on host/kibana
fcpc link l4interface/elastic_9200 ~is-on host/elastic
fcpc link l4interface/elastic_9201 ~is-on host/elastic
fcpc link l4interface/nginx_443 ~is-on host/nginx
# Adding persons and accounts
fcpc add person/person1 name="johnacme" givenname="John" surname="Acme" email=john@acme.com
fcpc add person/person2 name="billmatch" givenname="Bill" surname="Match" email=bill@acme.com
fcpc add person/person3 name="peternone" givenname="Peter" surname="None" email=peter@acme.com
fcpc add person/admin1 name="superpower" givenname="Super" surname="Power" email=superpower@acme.com
fcpc add account/fw_johnacme name=johnacme email=john@acme.com
fcpc add account/kibana_billmatch name=billmatch email=bill@acme.com
fcpc add account/nginx_peternone name=peternone email=peter@acme.com
fcpc add account/nginx_sp name=sp email=superpower@acme.com
fcpc add account/fw_sp name=sp email=superpower@acme.com
fcpc add account/kibana_sp name=sp email=superpower@acme.com
fcpc add account/elastic_sp name=sp email=superpower@acme.com
fcpc link account/fw_johnacme ~is-on host/fw
fcpc link account/kibana_billmatch ~is-on host/kibana
fcpc link account/nginx_peternone ~is-on host/nginx
fcpc link account/fw_sp ~is-admin host/fw
fcpc link account/kibana_sp ~is-admin host/kibana
fcpc link account/nginx_sp ~is-admin host/nginx
fcpc link account/elastic_sp ~is-admin host/elastic
fcpc job execute personlinker
# Link hosts to networks
fcpc link l3interface/fw_eth0 ~is-in l3network/perimeter
fcpc link l3interface/fw_eth1 ~is-in l3network/dmz
fcpc link l3interface/kibana_eth0 ~is-in l3network/dc
fcpc link l3interface/elastic_eth0 ~is-in l3network/dc
fcpc link l3interface/nginx_eth1 ~is-in l3network/dc
fcpc link l3interface/nginx_eth0 ~is-in l3network/dmz
fcpc link L2Interface/fw_eth0 "~is-in" l2network/vlan34
# Adding applications and groups
fcpc add application/vm name="Vulnerability Management"
fcpc add application/qualys name="Qualys VM"
fcpc add application/reporting name="Reporting"
fcpc add group/admins
fcpc add group/users
fcpc add group/mixed
fcpc add group/subgroup
fcpc link application/vm ~depends application/qualys tag=test:tag1
fcpc link application/vm ~depends application/reporting tag=test:tag2
fcpc link application/reporting ~depends host/kibana
fcpc link application/reporting ~depends host/fw
fcpc link application/reporting ~referenced-by l4interface/nginx_443
fcpc link host/kibana ~depends host/elastic
fcpc link Person/admin1 "~is-in" group/admins
fcpc link Person/admin1 "~is-in" group/users
fcpc link Person/person2 "~is-in" group/users
fcpc link Person/person3 "~is-in" group/mixed
fcpc link person/person1 "~is-in" group/subgroup
fcpc link person/person2 "~is-in" group/subgroup
fcpc link Host/fw "~is-in" group/mixed
fcpc link Group/subgroup "~is-in" group/mixed
# Add vulnerabilities, CVEs and patches
fcpc add vulnerability/qvuln4 name="Vulnerability4" severity=4
fcpc add vulnerability/qvuln5 name="Vulnerability5" severity=5
fcpc add vulnerability/qvuln6 name="Vulnerability6" severity=4
fcpc add cve/cve1 name="CVE1"
fcpc add cve/cve2 name="CVE2"
fcpc add cve/cve3 name="CVE3"
fcpc add patch/patch1 name="Patch1"
fcpc link vulnerability/qvuln4 ~is-in host/elastic
fcpc link vulnerability/qvuln5 ~is-in host/kibana
fcpc link patch/patch1 ~remediates vulnerability/qvuln4
fcpc link patch/patch1 ~remediates vulnerability/qvuln5
fcpc link vulnerability/qvuln4 "~refers" cve/cve1
fcpc link vulnerability/qvuln5 "~refers" cve/cve2
fcpc link vulnerability/qvuln6 "~refers" cve/cve2
fcpc link vulnerability/qvuln6 "~is-on" l4interface/kibana_5600