Purpose: The purpose of this manual is to assist users in configuring PRTG Network Monitor to monitor SSL/TLS certificate issuer revocation status. By monitoring issuer revocation status, users can ensure that certificates issued by trusted authorities remain valid and trustworthy, thereby enhancing the overall security posture of their network infrastructure.

Prerequisites:

1. Access to a PRTG Network Monitor instance.
2. Basic understanding of SSL/TLS certificates and certificate revocation mechanisms.
3. Credentials for accessing the target servers.

Steps:

1. Add SSL/TLS Sensor:

   • Log in to your PRTG Network Monitor instance.
   • Navigate to the device you want to monitor.
   • Click on "Add Sensor" and search for "SSL/TLS Certificate Sensor".
   • Select the sensor and proceed to configure it.

2. Configure Sensor Settings:

   • Enter a name for the sensor to identify it easily.
   • Choose the target server you want to monitor.
   • Specify the port number for SSL/TLS communication (default is 443).
   • Optionally, configure advanced sensor settings such as timeout and scanning interval.

3. Specify Issuer Revocation Status Monitoring:

   • In the sensor settings, locate the option to specify the issuer revocation status for monitoring.
   • Select the desired issuer(s) you want to monitor. This may include trusted certificate authorities or specific certificate issuers.
   • You can choose multiple issuers for comprehensive monitoring.

4. Set Thresholds and Notifications:

   • Define warning and error thresholds for issuer revocation status.
   • Configure notification settings to receive alerts when thresholds are breached.
   • Ensure notifications reach the appropriate stakeholders for timely action.

5. Review and Save Settings:

   • Double-check all configured settings to ensure accuracy.
   • Save the sensor configuration to start monitoring issuer revocation status immediately.

6. Monitor Results:

   • Monitor the sensor results in the PRTG web interface.
   • Check the issuer revocation status regularly.
   • Investigate any warnings or errors to identify potential security incidents related to certificate issuer revocation.

Best Practices:

• Regularly update SSL/TLS certificates and monitor issuer revocation status to ensure the security of your network.
• Monitor issuer revocation status across all critical servers and services.
• Configure dependencies to ensure accurate monitoring and reduce false alerts.
• Periodically review and adjust threshold settings based on evolving security requirements.

By following these steps, you can effectively monitor SSL/TLS certificate issuer revocation status using PRTG Network Monitor. This proactive approach helps maintain the security and integrity of your network infrastructure by promptly identifying and addressing potential security incidents related to certificate issuer revocation. Regular monitoring and adherence to best practices contribute to a robust security posture.