|Applies to Product:||USM Appliance™||AlienVault OSSIM®|
Establishing a Virtual Private Network (VPN) connection between AlienVault USM Appliance components encrypts all network traffic that passes through a secure VPN tunnel.
The AlienVault VPN environment consists of a single VPN server that connects to at least one, but usually multiple, VPN clients.
Typically, you configure a USM Appliance Standard or Enterprise Server, or an USM Appliance All-in-One, to act as the VPN server. But, in theory, any AlienVault appliance can serve this function.
Important: An AlienVault appliance cannot serve both as a VPN server and a VPN client at the same time.
You must have already cabled and set up your USM Appliance Server, USM Appliance Sensor, and USM Appliance Logger appliances, with one exception. If you intend for one of your sensors or loggers to act as the VPN client, you only complete setup up to, but not including, the tasks in Configure the USM Appliance Sensor after Deployment or Configure the USM Appliance Logger after Deployment, as applicable.
Note: Completion of the appliance registration task enables viewing of all of the VPN-related configuration options in the AlienVault Setup menu.
Before completing that configuration task, you must have first created a VPN tunnel between the VPN server and VPN client. This gives you the VPN IP address required to configure the sensor or logger in that role.