Virtual private networks (VPNs) have long been a remote worker and IT pro’s dream. Imagine connecting to the home office as if you were right there, with the same exact level of security and services. This is especially critical in the age of COVID when remote work is now the rule rather than the exception. All these remote workers need full access to company resources without threatening those same assets.
VPNs have far more applications, providing secure communications through encrypted tunnels for myriad use cases.
So, what exactly is a VPN? Let’s go to the leader in networking hardware and software for the answer. “A virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely,” explained Cisco.
What is VPN Monitoring?
While VPNs offer security, they are only safe when working properly. Meanwhile employees can only work properly when the VPN is operational. IT simply can’t fly blind when it comes to VPNs, but needs to know what VPN gear, software and services are in place, how they are used, and their status.
How exactly do you do that? VPN monitoring of course! With VPN monitoring you can track your virtual private network’s (VPN) connections, their paths, and all available tunnels. Not only do you know if they are working, you can gather performance KPIs and metrics such as tunnel flap (the VPN going up and down in rapid succession) and latency. Keep in mind, VPN performance dictates end user performance. The internet may be fine, and the user’s connection perfect, but if the VPN is lagging, none of that matters.
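Tunnel flap can be detected from a stream of up/down status changes by counting transitions inside a sliding time window. The following is an added example, not code from WhatsUp Gold or the original article; the event tuples, tunnel names, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque

# Constructed sample events (epoch seconds, tunnel name, state); not from a real device.
EVENTS = [
    (1000, "hq-branch1", "up"),
    (1030, "hq-branch1", "down"),
    (1045, "hq-branch1", "up"),
    (1070, "hq-branch1", "down"),
    (1090, "hq-branch1", "up"),
    (1000, "hq-branch2", "up"),
    (5000, "hq-branch2", "down"),
    (5600, "hq-branch2", "up"),
]

def find_flapping(events, window=300, max_transitions=3):
    """Return {tunnel: timestamp at which it first exceeded max_transitions
    state changes within `window` seconds}."""
    last_state = {}
    recent = defaultdict(deque)  # tunnel -> timestamps of recent state changes
    flapping = {}
    for ts, tunnel, state in sorted(events):
        prev = last_state.get(tunnel)
        last_state[tunnel] = state
        if prev is None or prev == state:
            continue  # first sighting or a repeated poll result, not a transition
        q = recent[tunnel]
        q.append(ts)
        # Drop transitions that have aged out of the window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > max_transitions and tunnel not in flapping:
            flapping[tunnel] = ts
    return flapping

if __name__ == "__main__":
    for tunnel, ts in find_flapping(EVENTS).items():
        print(f"{tunnel} flapping as of t={ts}")
```

A single outage followed by a recovery, as on the second tunnel, produces two transitions far apart and is not flagged.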
VPN monitoring examines the health of all the devices that make up the private network, and monitors VPN traffic to make sure that data moves through the VPN without delay and that all of it is encrypted.
At the same time, VPN monitoring can use network traffic monitoring to show which users consume the most VPN resources so bandwidth can be allocated accordingly.
VPN and Network Monitoring
There are those that buy discrete or separate VPN monitoring tools (the same goes for firewall monitoring), but this is not the best approach. Do you want a separate piece of software to monitor each aspect of your network? Where would it ever end?
A better approach is a full, rich network monitoring solution that looks at your VPN in the context of the entire network and shows all tracked assets through one dashboard.
Why is VPN Monitoring Essential?
VPN monitoring is the only way to ensure proper, safe VPN performance and availability. Ideally, you’ll want to have firewall monitoring too, to make sure the firewall, as the VPN ingress/egress controller, is doing its job.
Battling VPN Bandwidth Blues
VPN monitoring should look at more than just availability. “Network teams that monitor VPN traffic should look at factors like application usage and overhead,” according to TechTarget’s Best Practices for VPN Traffic Monitoring. “Demand for VPNs and other remote access technologies means that, among other things, bandwidth usage has increased dramatically from pre-pandemic levels. This increased demand means network professionals must carefully monitor and analyze bandwidth usage levels to ensure bandwidth is available for all users and that devices using excessive bandwidth can be identified and adjusted as needed.”
VPN monitoring should look not just at devices, but at what is going across the network. “Devices should measure network traffic across VPNs by analyzing bandwidth and packet routing metrics. They should be able to trace and display network traffic using pre-configured and customizable parameters. Alerts should be programmable to identify when abnormal conditions exist. If possible, the system should be able to map the entire network infrastructure, as displaying all routes and devices helps quickly identify issues to address,” TechTarget argued.
This VPN network traffic analysis allows IT to optimize traffic flows, perhaps by adding capacity to eliminate choke points or use bandwidth shaping to adjust traffic priorities.
When it comes to VPN performance, don’t forget the WAN. “If you want to keep tabs on the bandwidth your VPN is using, as well as the health of your WAN and your network writ large, you’ll want to monitor your WAN bandwidth usage, as well as VPN access closely. With any monitoring tool, you should be able to use SNMP polling or traps to monitor VPN tunnel up/down status, but you should also try to collect username, IP address, local address, client version, duration connected, start/end time of connection, and bandwidth usage, where possible. That way you can stay on top of total VPN connections, identify bandwidth hogs, and determine when you'll need added capacity—all before things start to go south for users,” explained WhatsUp guru Jason Alberino in his How to Monitor a CISCO ASA VPN blog. “General bandwidth monitoring is a good idea. Real-time monitoring allows administrators to identify interfaces/links/applications/users/protocols taking up bandwidth and will let you identify waste and free up resources for business-critical applications. With a network monitoring tool like WhatsUp Gold, you can track bandwidth usage over all areas of the network – devices, applications, servers, link connections, leased lines, etc., and get insight into network bandwidth utilization and traffic analysis.”
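Once per-session fields such as username, IP address, start/end time and bandwidth usage are being collected, total connections and bandwidth hogs fall out of two short aggregations. The following is an added example, not code from WhatsUp Gold or the quoted blog; the record layout, usernames, addresses and the 50% share threshold are constructed assumptions.

```python
from collections import Counter

# Constructed session records (documentation-range IPs, seconds since midnight):
# (username, client_ip, start, end, bytes_in, bytes_out)
SESSIONS = [
    ("alice", "203.0.113.10", 0, 3600, 50_000_000, 5_000_000),
    ("bob", "203.0.113.11", 600, 1800, 900_000_000, 20_000_000),
    ("carol", "203.0.113.12", 1200, 4800, 10_000_000, 2_000_000),
    ("bob", "203.0.113.11", 3000, 4000, 700_000_000, 10_000_000),
]

def top_talkers(sessions, share=0.5):
    """Users whose total bytes exceed `share` of all VPN traffic, largest first."""
    totals = Counter()
    for user, _ip, _start, _end, b_in, b_out in sessions:
        totals[user] += b_in + b_out
    grand = sum(totals.values())
    return [(u, b) for u, b in totals.most_common() if b > share * grand]

def peak_concurrency(sessions):
    """Sweep over start/end times; return (peak session count, time first reached)."""
    points = []
    for _user, _ip, start, end, *_rest in sessions:
        points.append((start, 1))
        points.append((end, -1))
    # At equal timestamps process disconnects before connects, so a session
    # ending at t and another starting at t are not counted as overlapping.
    points.sort(key=lambda p: (p[0], p[1]))
    current = peak = 0
    peak_at = None
    for t, delta in points:
        current += delta
        if current > peak:
            peak, peak_at = current, t
    return peak, peak_at

if __name__ == "__main__":
    print("bandwidth hogs:", top_talkers(SESSIONS))
    print("peak concurrent sessions:", peak_concurrency(SESSIONS))
```

Tracking the peak against the concentrator's licensed or configured session limit is what signals the need for added capacity before users are turned away.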
The Cisco VPN Example
Cisco is perhaps the leader in VPN technology and the Cisco ASA is a popular solution. As mentioned, last year WhatsUp Gold guru Joseph Alberino blogged about troubleshooting these devices. This serves as an example of how to monitor, troubleshoot and ultimately remediate other VPN problems.
A key Alberino point: WhatsUp Gold does far more than keep your VPN in check. “WhatsUp Gold is a complete network monitoring solution that allows you to monitor your critical systems, both on-premises and in the cloud. WhatsUp Gold is highly customizable and flexible. With WhatsUp Gold, not only can we monitor the status of Zoom but we can also monitor the availability of your network infrastructure, server infrastructure, storage infrastructure, and much more,” Alberino argued. “WhatsUp Gold allows you to monitor anything that we can populate data about. It doesn't matter if that data is from on-premises systems like your routers, switches, firewalls, and servers or cloud environments such as AWS, Azure, or Meraki as well as SaaS (Software as a Service) solutions such as Zoom, WebEx, or Office 365.”
There are various ways to monitor a device such as a Cisco ASA VPN, but Alberino suggests using SNMP traps. “WhatsUp Gold accepts SNMP traps using ‘Passive Monitors’. Passive Monitors allow you to listen for SNMP traps, Syslog messages, or Windows Events. You also have the ability to tie back ‘Actions’ to the received passive monitors, which can include everything from simply e-mailing about the problem to running corrective actions using commands sent by WhatsUp Gold’s SSH action,” Alberino’s blog explained.
VPN Activity Monitoring
VPN monitoring is not designed to closely track end user activity. In fact, the whole idea behind a VPN is privacy, thus the ‘Private’ in Virtual Private Network.
VPN monitoring can, however, track activity and traffic. VPN activity monitoring can see and log basic connection information, IP addresses, the websites connected to, and the amount of data transferred.
WhatsUp Gold Live Activity displays activity occurring in all areas of the application across your network monitoring environment in near real-time, including:
- Category. The area of WhatsUp Gold in which the individual activity occurred (e.g., Monitor, Log, System).
- Component. The individual element item within the specified category generating the activity (e.g., device/monitor name, log entry, service).
- Severity. Indicates if the activity is being reported as Information, Warning, or Critical.
- Message. Provides additional details about the specific activity that occurred.
- Elapsed Time. Reports the amount of time that has passed since the specific activity occurred.
VPN Tunnel Monitoring
VPN Tunnel Monitoring lets you track tunnels, which are secure links between gateways and which protect connections between your gateways and your remote users. VPN Tunnel Monitoring discovers connectivity and performance issues so they can be resolved quickly.
The WhatsUp Gold VPN (and more) Solution
WhatsUp Gold delivers comprehensive and easy-to-use application and network monitoring that allows you to turn network data into actionable business information. By proactively monitoring all critical network devices and services, WhatsUp Gold reduces costly and frustrating downtime that can impact your business. With an all-new web-based interface, WhatsUp Gold lets you take control of your network infrastructure and applications for the important strategic work that drives results. In a marketplace overwhelmed with complexity, WhatsUp Gold provides simple deployment, robust scalability, groundbreaking usability, and fast return on investment.