What is the NetWatcher VPN (aka Sensor-in-the-Cloud™)?
Quite simply it’s a Virtual Private Network that runs an asset’s internet bound traffic through an Intrusion Detection System (IDS) hosted ‘in the cloud’.
We should have called it something more interesting but everyone in the company always called it by this name so that’s what we ended up naming the feature.
We created the Sensor-in-the-Cloud module because customers were telling us many of their corporate assets (laptops) travel with their employees to their homes or on business trips. Customer’s didn’t want to lose the managed detection & response capabilities when their assets were not within reach of a NetWatcher sensor as this is the most likely time for them to be exploited.
If you have the ‘SysTray’ module loaded on the endpoint you will also be able to see that the ‘Sensor-in-the-Cloud’ module is started and running. Note that this feature disable Logs and HIDS (these will be added to the Sensor-in-the-Cloud soon and be available in the same way that they are available when the asset is near a locally deployed sensor).
This Virtual Private Network (VPN) creates an encrypted tunnel between the corporate asset (computer) and the NetWatcher VPN server.