As a PRTG user, I want to have a "matching" sensor checking for devices that should not be on a subnet/behind a probe. The match can be made with the devices that are in the active monitoring tree under a probe.
Details of user story
The whole view on security is rapidly changing: not only must the outside layers be protected, but from the inside there should also be automated tests to check for strange behaviour. PRTG should be a core part of internal security checking because it's already in place and has this potential for sure.
Acceptance criteria
- Give a HIGH ALERT notification
- Give as many details as possible about that device (start collecting and logging).
- Give the option to add the detected strange device to a "safe-list for that probe" or add it to the active monitoring.
- The safe list must be easily accessible so users can review the list every now and then.
- A report template for incident or anomaly detection with a risk diagram (network info, types of protocols used by the device, which devices the strange device has been talking to, etc.)
Status
Open