VPN Analytics Solution
VPN Analytics
As work from home has become the norm, the use of company-provided VPN (Virtual Private Network) software has skyrocketed. But, the companies must be vigilant about the potential misuse of VPN connections. The LinkedIn data breach in 2012 highlighted how hackers could infiltrate the company network through VPN without the knowledge of the compromised user. At Avalanchio, we monitor and analyze VPN data feed in real-time to find out potential anomalies.
VPN Analytics Solution
Avalanchio connectors collect data from the company provided VPN software in near real-time to monitor VPN sessions, enrich the session data with identity and asset details, trace the activities and find any potential misuse VPN sessions.
Data Sources
- CISCO VPN
Input Data
- VPN logs
Solution Deliverables
- Common data model for VPN
- Realtime dashboard for VPN traffic
- Logons from unknown source, geo location
- Geo location dashboard for VPN traffic
- Abnormal number of user logons
- Logons during abnormal hours
- Logon activity from multiple geo locations
- Multiple session by same user
- Traffic volume behavior pattern by user, department etc.
- Logon from unknown assets
- Timeline traceability (require additional logs)