The purpose of this manual is to assist users in configuring PRTG Network Monitor to monitor SSL/TLS certificate public key algorithm usage. By monitoring these algorithms, users can ensure that only secure cryptographic algorithms are being used for encryption and decryption, thereby enhancing the overall security posture of their network infrastructure.

Prerequisites:

1. Access to a PRTG Network Monitor instance.
2. Basic understanding of SSL/TLS certificates and public key algorithms.
3. Credentials for accessing the target servers.

Steps:

1. Add SSL/TLS Sensor:

   • Log in to your PRTG Network Monitor instance.
   • Navigate to the device you want to monitor.
   • Click on "Add Sensor" and search for "SSL/TLS Certificate Sensor".
   • Select the sensor and proceed to configure it.

2. Configure Sensor Settings:

   • Enter a name for the sensor to identify it easily.
   • Choose the target server you want to monitor.
   • Specify the port number for SSL/TLS communication (default is 443).
   • Optionally, configure advanced sensor settings such as timeout and scanning interval.

3. Specify Public Key Algorithm Monitoring:

   • In the sensor settings, locate the option to specify the public key algorithm(s) for monitoring.
   • Select the public key algorithm(s) you want to monitor. Common algorithms include RSA, DSA, ECDSA, etc.
   • You can choose multiple algorithms for comprehensive monitoring.

4. Set Thresholds and Notifications:

   • Define warning and error thresholds for each public key algorithm.
   • Configure notification settings to receive alerts when thresholds are breached.
   • Ensure notifications reach the appropriate stakeholders for timely action.

5. Review and Save Settings:

   • Double-check all configured settings to ensure accuracy.
   • Save the sensor configuration to start monitoring immediately.

6. Monitor Results:

   • Monitor the sensor results in the PRTG web interface.
   • Check the status of public key algorithms regularly.
   • Investigate any warnings or errors to identify potential security vulnerabilities.

Best Practices:

• Regularly update SSL/TLS certificates and use strong public key algorithms to mitigate security risks.
• Monitor public key algorithms across all critical servers and services.
• Configure dependencies to ensure accurate monitoring and reduce false alerts.
• Periodically review and adjust threshold settings based on evolving security requirements.

By following these steps, you can effectively monitor SSL/TLS certificate public key algorithm usage using PRTG Network Monitor. This proactive approach helps maintain the security and integrity of your network infrastructure by promptly identifying and addressing potential security vulnerabilities related to the use of cryptographic algorithms. Regular monitoring and adherence to best practices contribute to a robust security posture.