Over the course of the Corona pandemic, many organizations have needed to find a way to share company data confidentially with employees in their home offices. Most businesses rely on virtual private networks (VPN) for this purpose. This gives employees access to the company network via the internet through encrypted, virtual tunnels. VPN servers are the basis for this. VPN server monitoring is consequently important. In this blog post, I would like to show you what needs to be considered and how to implement the necessary measures.
What are VPN servers?
VPN servers are essential for the operation of virtual networks. They are used to determine the encryption mechanisms and ensure that the clients' virtual tunnels to the network are properly protected. The VPN server checks user credentials and the requests from the clients. The VPN server also sends the requested data and information back to the user after it has been checked.
You can relatively easily set up VPN servers as software servers under almost any server operating system. Operating systems such as Windows come with their own on-board tools for this purpose, but you can also install an additional server application to start a VPN server. In most cases, however, VPN servers are part of network devices, such as firewalls.
This belongs in VPN server monitoring
VPN server monitoring is always about more than monitoring a single server service. It is important to continually keep an eye on the VPN server's resource requirements. The demand depends on the number and activities of the VPN clients. You must therefore always monitor the hardware load on the server host and adjust this as required.
You can build a good foundation for monitoring the actual VPN servers with the Checkmk agents and monitoring via SNMP or other interfaces. With the agents you keep an eye on the operating system and applications, with SNMP you monitor hardware data. This way of server monitoring is therefore also suitable for the monitoring of VPN servers. In addition to important metrics such as CPU utilization and main memory utilization, you can also keep an eye on the status of the network interfaces.
If the VPN server is part of a firewall, monitoring via agents is often not an option because the firewall manufacturer does not allow agents to be installed. Firewall appliances, however, usually provide monitoring data via SNMP or other interfaces. It is important to keep an eye on these, because the hardware must be sufficiently large. For this reason, VPN server monitoring also includes monitoring your firewalls. This is the only way to ensure the optimal operation of your VPN.
Checkmk comes with numerous integrations for monitoring VPN servers on network devices such as firewalls. Among the 2,000 monitoring integrations are plug-ins for network devices from manufacturers such as Aruba, Cisco, Dell or Linksys, and for firewalls from providers such as Check Point or Palo Alto.
Compared to other types of servers, monitoring the configuration and the network environment is much more important. You should therefore also consider the user's route via the Internet to the VPN server in your network. Make sure that you monitor all components on this route.
Ahead of the actual VPN server, for example, there are other network devices that are under load through use. If your network bandwidth is not sufficient, this slows down the users. In this case, your VPN server may be in the green zone and functioning, but the network will be overloaded, and information will only be distributed slowly. There are many stumbling blocks, especially in the network. You can read more details on this topic in the blog post on VPN monitoring.
In addition, with Checkmk you can take care of bottlenecks and other potential problems before they become a real issue. You can also precisely localize the source of faults and will not be inundated with unnecessary alerts from the monitoring. Thanks to the many available integrations, setting up and even mapping dependencies in Checkmk is no problem.
And if you provide workstations for your employees via virtual desktop infrastructure (VDI), you can also monitor these with Checkmk. Suitable monitoring integrations for Citrix and other remote workplace solutions are available.