What is the best technology for monitoring VPN traffic? Are there certain considerations my company should take...
into account when choosing a VPN monitoring product? What are some of the top vendors in this category, and are there any open source or free options?
When it comes to VPN traffic monitoring, the most important considerations your organization needs to think about are first, what are you trying to accomplish, and second, what are your requirements?
From a high-level perspective, you might want to monitor:
- General connection information (for example, who, what, when, where and how long);
- Connection problems (such as failures, retries and so on);
- Security attacks, anomalies and other questionable behavior (including large resource usage or packets sent/received by a specific host); and
- Application usage over the VPN connection.
Specific requirements might include:
- Ease of use;
- Client- or network-based;
- Integration with your existing technologies (such as VPN type(s), security information and event management systems, data loss prevention tools, among others);
- Visibility and controls;
- Auditing and reporting capabilities; and
Depending on what's required, your enterprise might already have the means to monitor its VPN traffic. It could be built right into your VPN concentrator, firewall or server.
While I can't speak for "top" vendors, I can recommend a few free and open source products that may be worth considering depending on your needs: CiscoWorks VPN Monitor, Nagios's VPN plug-ins, VPNTTG or VPN Watcher. I've seen these tools in action and they can certainly serve a great purpose for small startups to larger enterprises.
Ask the Expert:
Want to ask Kevin Beaver a question about network security? Submit your questions now via email. (All questions are anonymous.)
Dig Deeper on VPN security
Related Q&A from Kevin Beaver
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading
The WannaCry TCP port 445 exploit returned the spotlight to Microsoft's long-abused networking port. Network security expert Kevin Beaver explains ... Continue Reading
While most mobile platforms provide levels of security from mobile cryptojacking, IT must still be aware of the risks and procedures to address an ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.