Automating security audit checks for networking devices using Ansible
We have seen that Ansible lends itself really well to work with a variety of tools, and we can use this to do security audit checks for networking devices.
Nmap scanning and NSE
Network Mapper (Nmap) is a free open source software to perform network discovery, scanning, audit, and many others. It has a various amount of features such as OS detection, system fingerprinting, firewall detection, and many other features. Nmap Scripting Engine (Nmap NSE) provides advanced capabilities like scanning for particular vulnerabilities and attacks. We can also write and extend Nmap using our own custom script. Nmap is a swiss army knife for pen testers (security testers) and network security teams.
Note
Read more about Nmap at https://nmap.org. Ansible also has a module to perform the inventory using Nmap https://github.com/ansible/ansible/pull/32857/files.
The following playbook will install Nmap if not available and perform the basic...