
A NetBox plugin for documenting network security policy: rulebooks, zones, and NSM object links

Project description

netbox-nsm

NetBox plugin for security policy documentation (zones, rulebooks, object links).
No firewall push — inventory and policy only.

Status: WIP · NetBox: 4.5–4.6 · Plugin: 0.4.3 · Requires: netbox-custom-objects

Features

  • Security Panel on prefix, IP, device, VM, custom objects — + Assign for zones, addresses, …
  • Rulebooks with flexible columns (zones, addresses, labels, …)
  • Rules — table, grouping, zone matrix
  • IP Analysis — address resolution (panel loupe or /plugins/netbox-nsm/ip-analysis/)
  • Object Analyzer — graph from any NetBox object

Screenshots

  • Setup — import COT types and run demos
  • Object config — nsm_config per COT type
  • Rulebooks list and detail (fields, enforcement targets)
  • Rules tab — zone grouping (Starter demo, 62.5k rules) and address-based rules
  • Zone matrix — permit/deny between zones
  • IP Analysis — destination tree with merge/diff

Installation

Install the package:

pip install netbox-nsm

Enable the plugins in NetBox's configuration.py:

PLUGINS = ["netbox_custom_objects", "netbox_nsm"]

PLUGINS_CONFIG = {
    "netbox_nsm": {
        "menu_label": "Security",
        "panel_label": "Security",
        "setup_menu": True,
        "setup_allow_destructive_actions": True,  # demos only; disable in prod
    },
}

Run the migrations:

./manage.py migrate netbox_custom_objects --no-input
./manage.py migrate netbox_nsm --no-input
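
Because the sample configuration above ships with setup_allow_destructive_actions enabled, a pre-deploy check can catch it before it reaches production. The following is an added example, not code from the netbox-nsm project: the helper names (read_literals, audit_nsm_config) and the sample configuration are constructed for illustration, and it assumes the settings are written as plain literals in configuration.py.

```python
import ast

# Constructed sample of a production configuration.py (not taken from the project).
SAMPLE_CONFIG = '''
PLUGINS = ["netbox_custom_objects", "netbox_nsm"]
PLUGINS_CONFIG = {
    "netbox_nsm": {
        "setup_menu": True,
        "setup_allow_destructive_actions": True,
    },
}
'''

def read_literals(source, names):
    """Collect top-level literal assignments by parsing, never executing, the file."""
    found = {}
    for node in ast.parse(source).body:
        if not isinstance(node, ast.Assign):
            continue
        for target in node.targets:
            if isinstance(target, ast.Name) and target.id in names:
                try:
                    found[target.id] = ast.literal_eval(node.value)
                except (ValueError, TypeError):
                    found[target.id] = None  # computed value, cannot be judged statically
    return found

def audit_nsm_config(source):
    """Return findings that should block a production deploy (hypothetical helper)."""
    cfg = read_literals(source, {"PLUGINS", "PLUGINS_CONFIG"})
    plugins = cfg.get("PLUGINS")
    if not isinstance(plugins, list):
        return ["PLUGINS is missing or not a literal list; review manually"]
    if "netbox_nsm" not in plugins:
        return []  # plugin not enabled, nothing to audit
    findings = []
    if "netbox_custom_objects" not in plugins:
        findings.append("netbox_nsm is enabled without netbox_custom_objects")
    plugin_cfg = cfg.get("PLUGINS_CONFIG", {})
    if not isinstance(plugin_cfg, dict):
        return findings + ["PLUGINS_CONFIG is not a plain literal; review manually"]
    flag = plugin_cfg.get("netbox_nsm", {}).get("setup_allow_destructive_actions")
    if flag is None:
        # Assumption: the plugin's default is not stated on the page, so require an explicit False.
        findings.append("setup_allow_destructive_actions is not set explicitly")
    elif flag is not False:
        findings.append("setup_allow_destructive_actions is enabled (demo-only setting)")
    return findings

print(audit_nsm_config(SAMPLE_CONFIG))
```

An empty list means the configuration passes; any other result lists the reasons to stop the deploy.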

First run

Security → Configuration → Setup — sections 1 → 2 → 3 (labels, COTs, type configs), then optional 4 Starter demo.

Then: open a prefix → Security Panel → + Assign → zone. Rulebooks under Security → Rulebooks.

Details: docs/using_netbox_nsm.md

API

/api/plugins/netbox-nsm/nsm-configs/<slug>/, object-links/, ip-analysis/
Rules and policy objects: netbox-custom-objects API.

Demos

| Demo | Where | Notes |
|---|---|---|
| Starter | Setup §4 | Sync; recommended — zone matrix + addresses schema |
| Enterprise DC | Setup §4 | Empty IPAM DB only |
| Addresses Million Scale | CLI scripts/create_addresses_million_scale.py | Bench; RQ worker required |

Documentation

| File | Topic |
|---|---|
| docs/using_netbox_nsm.md | Operations |
| docs/DATABASE.md | PostgreSQL tables |
| docs/RULE_DATA_STORAGE.md | UI vs DB data model |
| ARCHITECTURE.md | Code (developers) |
| CHANGELOG.md | Versions |

License

LICENSE


Download files


Source Distribution

netbox_nsm-0.4.4.tar.gz (439.0 kB)

Uploaded Source

Built Distribution


netbox_nsm-0.4.4-py3-none-any.whl (577.6 kB)

Uploaded Python 3

File details

Details for the file netbox_nsm-0.4.4.tar.gz.

File metadata

  • Download URL: netbox_nsm-0.4.4.tar.gz
  • Upload date:
  • Size: 439.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for netbox_nsm-0.4.4.tar.gz
Algorithm Hash digest
SHA256 9cf38f20ba29bee1f76c57657b5ae7b0d38c52c898a6476cdf03ddcb7d94e2dc
MD5 2163c502c4489e918566d1a3721b969a
BLAKE2b-256 224443e8010d5a750c491df197f38305249ab043bbf626f1d2930c24ee543608


Provenance

The following attestation bundles were made for netbox_nsm-0.4.4.tar.gz:

Publisher: publish.yml on christianbur/netbox-nsm

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file netbox_nsm-0.4.4-py3-none-any.whl.

File metadata

  • Download URL: netbox_nsm-0.4.4-py3-none-any.whl
  • Upload date:
  • Size: 577.6 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for netbox_nsm-0.4.4-py3-none-any.whl
Algorithm Hash digest
SHA256 0e2cba11b14376b7ef63552d0ca02ad4e25636a7d89a1f23da3ebe7e519fc0e8
MD5 d7697e5ef9b22769c66c23303eacab74
BLAKE2b-256 e9ccd412c051e3ab2f192eee94fce675854416f55cd13ca1162ce74ebf43a0ec


Provenance

The following attestation bundles were made for netbox_nsm-0.4.4-py3-none-any.whl:

Publisher: publish.yml on christianbur/netbox-nsm

