Guest

CiscoWorks VPN Monitor

CiscoWorks VPN Monitor

 

Table Of Contents

Data Sheet

Introduction

Features and Benefits

Flexible Monitoring

Multidevice Comparison

Supported Cisco Devices

System Requirements

Ordering Information


Data Sheet


CiscoWorks VPN Monitor 1.2

Enterprises have recognized the dramatic benefits of virtual private networks (VPNs) using IP Security (IPSec) to reduce costs and secure their networks. Now, as IPSec VPNs become business critical, enterprises need strong management tools to monitor the health of IPSec tunnels and central-site VPN devices.

Figure 1

CiscoWorks VPN Monitor Dashboard

Introduction

Once a VPN has been deployed, network administrators must be able to monitor the health of the tunnels and VPN devices to ensure optimal VPN services. They need the following information:

Number of operational tunnels

Throughput of individual tunnels

Status of security negotiations and sessions

VPN device performance status

Performance threshold violations

Network managers can generate special reports on VPN-related problems to provide visibility on Internet Key Exchange (IKE), encryption, encapsulation, and certificate problems. Network managers need ongoing reports on current VPN activity, outages, VPN failures, signs of impending failures, and activity history.

CiscoWorks VPN Monitor is a Web-based management tool that allows network administrators to collect, store, and view information on IPSec VPN connections for remote-access or site-to-site VPN terminations. CiscoWorks VPN Monitor manages VPNs that are configured on Cisco VPN 3000 concentrators, and Cisco 1700, 2600, 3600, 7100, 7200, or 7400 Series routers. Multiple devices can be viewed from an easy-to-use dashboard configured on a Web browser. After the dashboard is configured, CiscoWorks VPN Monitor continuously collects data from the devices it manages over a rolling seven-day window. Operational status, performance, and security information can be viewed at a glance, providing status information on IPSec VPN implementations.

The dashboard allows network administrators to drill down to further analyze each device's performance and its current IPSec connections. Administrators can use this drill-down capability to view device CPU and memory performance, tunnel throughput, failure events, threshold violations, and active tunnels on a device. Data collected from VPN devices can also be viewed in detailed graphs that display important parameters related to VPN operation.

CiscoWorks VPN Monitor supports the commonly deployed VPN tunneling protocols, including the IETF Layer 2 Tunneling Protocol (L2TP), Point-to-Point Tunneling Protocol (PPTP), and IPSec.

Features and Benefits

Flexible Monitoring

CiscoWorks VPN Monitor's configuration flexibility allows network administrators to set polling and graphing intervals to best reflect the network performance of the network and the graphical user interface of CiscoWorks VPN Monitor. The types of monitoring range from the percent utilization of a CPU, to the throughput of a VPN concentrator or router, to the number of users with established connections. Other variables that can be tracked include:

System resources—average and maximum memory available and CPU utilization percentage per device

Traffic throughput—average and maximum of encrypted traffic

Statistics—number of sites that are online, number of sessions established, number of IKE and session failures, and number of current security errors

The dashboard can also provide troubleshooting information. Auto-refreshing Web-based status reports provide detailed information on conditions such as the number of session failures or IKE failures by peer. You can set warnings and alerts based on user-defined threshold values.

Multidevice Comparison

CiscoWorks VPN Monitor provides a convenient way to view important statistics of multiple VPN termination devices in a single dashboard. This capability enables administrators to quickly correct for devices with the highest CPU or memory usage. The multidevice view gives the administrator an aggregated summary of active VPN tunnels and sessions.

Supported Cisco Devices

Cisco VPN 3000 concentrators with the 2.5.2f software image or later

Cisco 7100, 7200, or 7400 Series routers with Cisco IOS® Software Release 12.1.(5a)E or later

Cisco 1700, 2600, and 3600 Series routers with Cisco IOS Software Release 12.2(4)T or later

System Requirements

For comprehensive hardware and operating requirements, see the CiscoWorks VMS Overview at
http://www.cisco.com/go/vms

Ordering Information

CiscoWorks VPN Monitor is available exclusively as part of the CiscoWorks VPN/Security Management Solution (VMS).

Detailed ordering information is available in the VMS product bulletin at
http://www.cisco.com/warp/public/cc/pd/wr2k/vpmnso/prodlit/.