What is the best technology for monitoring VPN traffic? Are there certain considerations my company should take...
into account when choosing a VPN monitoring product? What are some of the top vendors in this category, and are there any open source or free options?
When it comes to VPN traffic monitoring, the most important considerations your organization needs to think about are first, what are you trying to accomplish, and second, what are your requirements?
From a high-level perspective, you might want to monitor:
- General connection information (for example, who, what, when, where and how long);
- Connection problems (such as failures, retries and so on);
- Security attacks, anomalies and other questionable behavior (including large resource usage or packets sent/received by a specific host); and
- Application usage over the VPN connection.
Specific requirements might include:
- Ease of use;
- Client- or network-based;
- Integration with your existing technologies (such as VPN type(s), security information and event management systems, data loss prevention tools, among others);
- Visibility and controls;
- Auditing and reporting capabilities; and
Depending on what's required, your enterprise might already have the means to monitor its VPN traffic. It could be built right into your VPN concentrator, firewall or server.
While I can't speak for "top" vendors, I can recommend a few free and open source products that may be worth considering depending on your needs: CiscoWorks VPN Monitor, Nagios's VPN plug-ins, VPNTTG or VPN Watcher. I've seen these tools in action and they can certainly serve a great purpose for small startups to larger enterprises.
Ask the Expert:
Want to ask Kevin Beaver a question about network security? Submit your questions now via email. (All questions are anonymous.)
Dig Deeper on VPN security
Related Q&A from Kevin Beaver
Android Oreo replaced the allow unknown sources setting with a new feature that enables users to selectively install unknown apps. Kevin Beaver ... Continue Reading
Equifax's Apache Struts vulnerability was an example of a scan not being read correctly. Kevin Beaver explains vulnerability scans and how issues can... Continue Reading
Several vulnerabilities were recently discovered in Android bootloaders via the BootStomp tool. Kevin Beaver explains how they work and what risk ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.