Log Data Center Traffic That Matches No Interzone Rules
By default, the firewall denies traffic between data center zones (interzone traffic) that matches no Security policy allow rule. Log and examine this traffic to identify attempted attacks and also traffic you may want to allow.

Traffic that doesn’t match any of the Security policy rules you configure matches the predefined interzone-default rule at the bottom of the rulebase and is denied. To gain visibility into traffic that doesn’t match a rule you explicitly configured, enable logging on the interzone-default rule. Logging this traffic gives you the opportunity to examine access attempts that you have not explicitly allowed, which may identify attack attempts or traffic for which you want to modify a whitelist rule to allow.
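Once logging on the interzone-default rule is enabled, the useful work is in reviewing the resulting log entries. The following Python script is an added example, not part of this documentation and not Palo Alto Networks code: it parses a constructed CSV export of traffic log entries and separates the two kinds of interzone-default hits the text describes, repeated denied flows to a single service (candidates for an explicit allow rule) and sources whose denied sessions span many destination ports (more likely attack attempts). The column names and sample values are assumptions made for the example, not the firewall's actual export format.

```python
import csv
from collections import defaultdict
from io import StringIO

# Name of the predefined rule that denies unmatched interzone traffic.
DEFAULT_RULE = "interzone-default"

# Constructed sample traffic-log export (not real device output). The columns
# are an assumed subset chosen for this example.
SAMPLE_LOG = """\
receive_time,src,dst,src_zone,dst_zone,dport,proto,rule,action
2024/01/10 10:00:01,10.1.1.5,10.2.2.10,dc-web,dc-db,3306,tcp,allow-web-to-db,allow
2024/01/10 10:00:02,10.1.1.5,10.2.2.10,dc-web,dc-db,5432,tcp,interzone-default,deny
2024/01/10 10:00:03,10.1.1.5,10.2.2.10,dc-web,dc-db,5432,tcp,interzone-default,deny
2024/01/10 10:00:04,10.1.1.5,10.2.2.10,dc-web,dc-db,5432,tcp,interzone-default,deny
2024/01/10 10:00:05,10.3.3.7,10.2.2.10,dc-app,dc-db,22,tcp,interzone-default,deny
2024/01/10 10:00:06,10.3.3.7,10.2.2.10,dc-app,dc-db,23,tcp,interzone-default,deny
2024/01/10 10:00:07,10.3.3.7,10.2.2.10,dc-app,dc-db,445,tcp,interzone-default,deny
2024/01/10 10:00:08,10.3.3.7,10.2.2.11,dc-app,dc-db,22,tcp,interzone-default,deny
2024/01/10 10:00:09,10.2.2.10,10.2.2.11,dc-db,dc-db,5432,tcp,intrazone-default,allow
"""


def parse_traffic_log(text):
    """Parse a CSV traffic-log export into a list of dict rows."""
    return list(csv.DictReader(StringIO(text)))


def denied_by_default_rule(rows):
    """Keep only sessions that fell through to the interzone-default rule."""
    return [r for r in rows if r["rule"] == DEFAULT_RULE and r["action"] == "deny"]


def summarize_by_service(rows):
    """Count identical denied flows keyed by (src_zone, dst_zone, dst, dport, proto).

    A flow that repeats many times from a known application host is a
    candidate for a new explicit allow rule rather than an attack.
    """
    counts = defaultdict(int)
    for r in denied_by_default_rule(rows):
        key = (r["src_zone"], r["dst_zone"], r["dst"], r["dport"], r["proto"])
        counts[key] += 1
    return dict(counts)


def sources_touching_many_ports(rows, min_ports=3):
    """Return sources whose denied sessions span >= min_ports distinct (dst, port) pairs.

    Spread across many services from one source is the pattern to investigate
    as a possible attack attempt; a misconfigured app usually hits one service.
    """
    targets = defaultdict(set)
    for r in denied_by_default_rule(rows):
        targets[r["src"]].add((r["dst"], r["dport"]))
    return {src: len(t) for src, t in targets.items() if len(t) >= min_ports}


if __name__ == "__main__":
    rows = parse_traffic_log(SAMPLE_LOG)
    print("Repeated denied flows (review for an explicit allow rule):")
    for key, hits in sorted(summarize_by_service(rows).items(), key=lambda kv: -kv[1]):
        print(f"  {key}: {hits} hits")
    print("Sources probing several services (investigate):")
    for src, n in sources_touching_many_ports(rows).items():
        print(f"  {src}: {n} distinct destination/port pairs")
```

The thresholds and keys are deliberately simple; in practice you would group over a longer window and join the source address against an inventory so that a known application host hitting one new port stands out from an unknown host sweeping several.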
Select the interzone-default row in the rulebase