Purpose: The purpose of this manual is to assist users in configuring PRTG Network Monitor to monitor SSL/TLS certificate revocation reasons. By monitoring these reasons, users can identify and respond to certificate revocation events, ensuring the security and trustworthiness of their network infrastructure.

Prerequisites:

1. Access to a PRTG Network Monitor instance.
2. Basic understanding of SSL/TLS certificates and certificate revocation mechanisms.
3. Credentials for accessing the target servers.

Steps:

1. Add SSL/TLS Sensor:

   • Log in to your PRTG Network Monitor instance.
   • Navigate to the device you want to monitor.
   • Click on "Add Sensor" and search for "SSL/TLS Certificate Sensor".
   • Select the sensor and proceed to configure it.

2. Configure Sensor Settings:

   • Enter a name for the sensor to identify it easily.
   • Choose the target server you want to monitor.
   • Specify the port number for SSL/TLS communication (default is 443).
   • Optionally, configure advanced sensor settings such as timeout and scanning interval.

3. Specify Revocation Reasons Monitoring:

   • In the sensor settings, locate the option to specify the revocation reason(s) for monitoring.
   • Select the revocation reason(s) you want to monitor. Common reasons include "Certificate Hold", "Key Compromise", "Affiliation Changed", etc.
   • You can choose multiple reasons for comprehensive monitoring.

4. Set Thresholds and Notifications:

   • Define warning and error thresholds for each revocation reason.
   • Configure notification settings to receive alerts when thresholds are breached.
   • Ensure notifications reach the appropriate stakeholders for timely action.

5. Review and Save Settings:

   • Double-check all configured settings to ensure accuracy.
   • Save the sensor configuration to start monitoring immediately.

6. Monitor Results:

   • Monitor the sensor results in the PRTG web interface.
   • Check the status of revocation reasons regularly.
   • Investigate any warnings or errors to identify potential security incidents.

Best Practices:

• Regularly update SSL/TLS certificates and monitor revocation reasons to ensure the security of your network.
• Monitor revocation reasons across all critical servers and services.
• Configure dependencies to ensure accurate monitoring and reduce false alerts.
• Periodically review and adjust threshold settings based on evolving security requirements.

By following these steps, you can effectively monitor SSL/TLS certificate revocation reasons using PRTG Network Monitor. This proactive approach helps maintain the security and integrity of your network infrastructure by promptly identifying and addressing potential security incidents related to certificate revocation. Regular monitoring and adherence to best practices contribute to a robust security posture.