Cisco VPN Concentrators

Version: Cisco VPN 3000 Series Concentrators and later.

Cisco VPN Concentrators provide your business with unprecedented cost savings through flexible, reliable, and high-performance remote-access solutions. The Cisco VPN offers solutions for the most diverse remote-access deployments by offering both IP Security (IPsec) and Secure Sockets Layer (SSL) VPN connectivity on a single platform.

Cisco VPN concentrators syslog feature allows you to forward log messages to Netsurion Open XDR. Once the Cisco VPN concentrators has been configured to send syslog to Netsurion Open XDR Manager alerts, reports and dashboard can be configured.

Netsurion Open XDR has inbuilt Data Source Integrations which will allow you to monitor the required activity events. Some of them are listed below.

  • Monitoring authentication activities.
  • Monitoring DHCP server events.
  • Monitoring DNS events.
  • Monitoring different types of VPN tunnels.
  • Monitoring Cisco VPN concentrators hardware unit and so forth

Once events are successfully received by Netsurion Open XDR alerts and reports can be configured based on your requirements.

The following are the key Data Source Integration available in Netsurion Open XDR.

Alerts

Type Name Description
Security CISCO VPN: Admin Access – Authentication failure This alert is generated when an admin user failed to login.
Security CISCO VPN: Admin Access – Authorization failure This alert is generated when user authorization failure occurs.
Security CISCO VPN: Memory allocation failed This alert is generated when memory allocation failed.
Security CISCO VPN: Admin Access – Access control lookup failure This alert is generated when access control lookup failure occurs.

Reports

Type Name Description
Security Cisco VPN: Authentication This category based report provides the information about VPN authentications.
Security Cisco VPN: DHCP subsystem This category based report provides the information related to DHCP server.
Security Cisco VPN: SSL subsystem This category based report provides the information related to SSL VPN.
Security Cisco VPN: L2TP subsystem This category based report provides the information related to L2TP tunnel.
Security Cisco VPN: PPTP subsystem This category based report provides the information related to PPTP tunnel.
Security Cisco VPN: OSPF subsystem This category based report provides the information related to OSPF routing.
Security Cisco VPN: WebVPN sessions This category based report provides the information related WebVPN sessions.

Documentation

The configuration details are consistent with Netsurion Open XDR 7.x and later, and Cisco VPN Concentrators.

Download Integration Guide for configuration instructions and more information.