The firewall’s
logging and
monitoring tools reveal applications,
users, and traffic patterns on your network, including applications
and users you may not have known were there. Logging and monitoring
provides useful information at all stages of the transition to and maintenance
of a data center best practice security policy because it also reveals
unknown users (not identified by User-ID), unknown applications,
and traffic on unexpected ports, all of which indicate that a Security
policy rule has not be correctly or tightly constructed. Logging
and monitoring information help you determine which applications
to allow and which users to allow access to which applications and
devices, and also helps you investigate potential security issues.