Cisco VPN Concentrators
Version: Cisco VPN 3000 Series Concentrators and later.
Cisco VPN Concentrators provide your business with unprecedented cost savings through flexible, reliable, and high-performance remote-access solutions. The Cisco VPN offers solutions for the most diverse remote-access deployments by offering both IP Security (IPsec) and Secure Sockets Layer (SSL) VPN connectivity on a single platform.
Cisco VPN concentrators syslog feature allows you to forward log messages to Netsurion Open XDR. Once the Cisco VPN concentrators has been configured to send syslog to Netsurion Open XDR Manager alerts, reports and dashboard can be configured.
Netsurion Open XDR has inbuilt Data Source Integrations which will allow you to monitor the required activity events. Some of them are listed below.
- Monitoring authentication activities.
- Monitoring DHCP server events.
- Monitoring DNS events.
- Monitoring different types of VPN tunnels.
- Monitoring Cisco VPN concentrators hardware unit and so forth
Once events are successfully received by Netsurion Open XDR alerts and reports can be configured based on your requirements.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
Type | Name | Description |
---|---|---|
Security | CISCO VPN: Admin Access – Authentication failure | This alert is generated when an admin user failed to login. |
Security | CISCO VPN: Admin Access – Authorization failure | This alert is generated when user authorization failure occurs. |
Security | CISCO VPN: Memory allocation failed | This alert is generated when memory allocation failed. |
Security | CISCO VPN: Admin Access – Access control lookup failure | This alert is generated when access control lookup failure occurs. |
Reports
Type | Name | Description |
---|---|---|
Security | Cisco VPN: Authentication | This category based report provides the information about VPN authentications. |
Security | Cisco VPN: DHCP subsystem | This category based report provides the information related to DHCP server. |
Security | Cisco VPN: SSL subsystem | This category based report provides the information related to SSL VPN. |
Security | Cisco VPN: L2TP subsystem | This category based report provides the information related to L2TP tunnel. |
Security | Cisco VPN: PPTP subsystem | This category based report provides the information related to PPTP tunnel. |
Security | Cisco VPN: OSPF subsystem | This category based report provides the information related to OSPF routing. |
Security | Cisco VPN: WebVPN sessions | This category based report provides the information related WebVPN sessions. |
Documentation
The configuration details are consistent with Netsurion Open XDR 7.x and later, and Cisco VPN Concentrators.
Download Integration Guide for configuration instructions and more information.