Purpose: The purpose of this manual is to assist users in configuring the PRTG Network Monitor to monitor SSL/TLS certificate CRL distribution points. By monitoring CDPs, users can ensure the availability and integrity of CRLs, thereby maintaining the security and trustworthiness of their network infrastructure.

Prerequisites:

1. Access to a PRTG Network Monitor instance.
2. Basic understanding of SSL/TLS certificates, Certificate Authorities (CAs), and Certificate Revocation Lists (CRLs).
3. Credentials for accessing the target servers hosting CRL distribution points.

Steps:

1. Add HTTP Advanced Sensor:

   • Log in to your PRTG Network Monitor instance.
   • Navigate to the device you want to monitor.
   • Click on "Add Sensor" and search for "HTTP Advanced Sensor".
   • Select the sensor and proceed to configure it.

2. Configure Sensor Settings:

   • Enter a name for the sensor to identify it easily (e.g., "CRL Distribution Points").
   • Specify the URL(s) of the CRL distribution point(s) you want to monitor.
   • Optionally, configure authentication settings if required to access the CDP URLs.
   • Adjust other sensor settings such as scanning interval and timeout as needed.

3. Set Thresholds and Notifications:

   • Define warning and error thresholds for sensor response time or content validation.
   • Configure notification settings to receive alerts when thresholds are breached.
   • Ensure notifications reach the appropriate stakeholders for timely action.

4. Review and Save Settings:

   • Double-check all configured settings to ensure accuracy.
   • Save the sensor configuration to start monitoring CRL distribution points immediately.

5. Monitor Results:

   • Monitor the sensor results in the PRTG web interface.
   • Review sensor response times and validation results for each monitored CDP URL.
   • Investigate any warnings or errors to identify potential issues with CRL distribution points.

Best Practices:

• Regularly monitor CRL distribution points to ensure the availability and integrity of CRLs.
• Monitor multiple CDP URLs for redundancy and failover capability.
• Configure dependencies to ensure accurate monitoring and reduce false alerts.
• Periodically review and adjust threshold settings based on evolving security requirements.

By following these steps, you can effectively monitor SSL/TLS certificate CRL distribution points using PRTG Network Monitor. Monitoring CDPs helps ensure the availability and integrity of CRLs, thereby maintaining the security and trustworthiness of your network infrastructure. Leveraging PRTG's capabilities enables proactive monitoring and timely detection of potential issues with CRL distribution points.