Category:
Management Systems, Virtual Private Networks (VPN)
Modification:
Software
Operating system/
platform:
Windows

The ViPNet StateWatcher monitoring system is designed for checking the state of ViPNet data protection tools and network infrastructure components. ViPNet StateWatcher monitors the security and other events on ViPNet hosts, facilitates prompt detection of host malfunctioning and notifies host users about issues.

ViPNet StateWatcher includes:

  • Monitoring Server, a software server that performs the following functions:
    • Collects and stores information about the current state of ViPNet hosts and other network infrastructure components. 
    • Analyzes the values of state parameters and creates notifications about detected events. 
    • Notifies system operators and administrators about changes in the state of monitored objects and detected events, and exports the data to external information systems.
  • Monitoring Web Access, a workstation of the server’s operator or administrator from which they manage one or several monitoring servers over a protected channel. The operator or administrator can use Monitoring Web Access to access remotely data and notifications about the monitoring server’s events.
  • Monitored hosts, the network objects whose state is tracked by the monitoring server.
  • Monitoring Agent, the ViPNet Client software or standard SNMP services (SNMP agent) located on a monitored host, which ensure the collection and sending of the host state data to the monitoring server. 

ViPNet StateWatcher has the following features:

  • Monitors hosts of distributed ViPNet networks (detects failures, security events, and other issues).
  • Monitors hosts, equipment, and other components of the information systems (detects failures, security events, and other issues).
  • Monitors mobile devices and hosts of remote users on the ViPNet network regardless of how they are connected to the communication network.
  • Monitors network infrastructure objects (routers, switches and so on), peripheral and auxiliary equipment (printers, UPS, MFP) that support SNMP.

Use Cases

  • Monitoring ViPNet objects in Data Centers.
  • Monitoring the state of the information system and its components.
  • Organizing a monitoring system for distributed networks with enhanced security requirements.

Monitoring Server performance

  • Support of up to 20,000 hosts and 150 analysis rules by one monitoring server.
  • Registration of up to 20,000 events every 5 minutes.
  • Deployed as a monitoring server cascade, ViPNet StateWatcher can process up to 5,000 event notifications from child monitoring servers sent to the main server within a five-minute polling period.
  • You can estimate the channel bandwidth for the monitoring server based on the following: the volume of the monitored data received from one ViPNet host per poll is approximately 8 kB. For example, if a polling interval is 5 minutes, then, to poll 10,000 hosts, you will need to provide the following channel bandwidth: 10,000 hosts × 8 kB ÷ 300 s = 2.7 Mbps.

Advantages

Integration with external systems

  • Export of information about events and states of the monitored objects to external systems in the syslog/CEF format.
  • Obtaining information about the state of ViPNet IDS NS sensors.
  • Filtering and export of the collected data and detected events to XML files.  

Data analysis

  • Built-in analysis rules.
  • The ability to create custom analysis rules.
  • Creation of analysis rules based on the current values of the monitored parameters or changes in state.

Data and events

  • Checking hosts’ availability (using the ping command) even if the hosts do not support SNMP.
  • Various notification options: maps, tables, pop-up windows, SMS text, email, ViPNet Business Mail (secure corporate mail in the ViPNet network), audio and visual notifications about events. 
  • Detailed information about the monitored host, history of the analysis rule execution.

Security

  • No interference of ViPNet StateWatcher with the operation of the monitored hosts, and no way of gaining control over them.
  • Wide integration with ViPNet data protection tools for the monitored hosts, monitoring system components, and collected data.
  • Logging users’ and administrators’ actions and changes in the analysis rules.
  • Indirect monitoring of monitored hosts in the monitoring server cascade.
  • Centralized management of the monitoring domains.

Data visualization and processing

  • Visualization of monitored objects and their states in geoinformation systems and logical schemes of information networks.
  • Dynamic graphing of monitored parameters with the display of retrospective values for a period from 5 minutes to 24 hours.
  • Configurable dashboards to display data about monitored hosts and events with filtering options.

Detailed information about the monitored host (host profile):

  • Location on the map.
  • Availability.
  • Monitored parameter values.
  • List of current events.
  • Event history.

Configuration and management

  • Graphical interface to configure and manage the monitoring servers.
  • Pre-configured default settings (contain analysis rules and design elements).
  • Flexible structure of the monitoring system. Easy-to-modify communication scheme for monitored hosts, servers, and Monitoring Web Access.