Hello,
We are using Netflow for our Firewalls.
This is generally working.
However, with other reporting tools we might use, it picks up VPN specific flows, to monitor the VPN tunnels in use, traffic, etc. (IPSEC tunnels, not SSLVPN).
Site24x7 does not appear to categorize or displays VPN specific flows. Is this correct?
Like (1)
Reply
Replies (1)
Hi Dennis,
Thanks for reaching out.
When NetFlow data is collected from WAN or physical interfaces, VPN traffic (such as IPsec tunnels) is typically captured in its encrypted form. Because of this, Site24x7 cannot interpret or categorize these flows as VPN-specific conversations—the traffic appears as generic encrypted traffic rather than identifiable application or tunnel-level data.
To gain visibility into VPN-specific traffic, flows need to be exported from:
- Logical tunnel/VPN interfaces
- Internal interfaces where traffic is decrypted
In these cases, Site24x7 can capture and display more meaningful conversation-level metrics.
We’d like to understand your requirements in more detail. Please reach out to our support team to schedule a quick meeting so we can assist you further.
Please note, we are currently developing a Firewall Analyzer feature that will provide enhanced visibility into firewall and VPN traffic. If feasible, we can incorporate your specific requirements into this development.
Best,
Rama
Like (0)
Reply