Monitor SCTP traffic by viewing logs, ACC displays generated
from SCTP logs, and predefined and custom reports.
You can enable SCTP association start logs
and end logs for SCTP endpoints configured in a Security policy
rule from an SCTP Protection profile. All other SCTP traffic logs
are event-based logs that are generated based on the options you
enable in the SCTP Protection profile.
To help you monitor
SCTP traffic, the firewall uses the SCTP logs to create a visual
display on the Mobile Network Activity tab in the ACC. The firewall
also gives you predefined reports and the ability to generate custom
reports.
SCTP logs are event-based logs that include information
on a wide range of SCTP attributes, including SCTP event type, chunk
type, payload protocol ID, SCTP cause code, association ID, stream
ID, and chunks, in addition to the general information that the
firewall identifies, such as source and destination address, source
and destination port, and timestamp. The SCTP logs also provide
additional information on some applications running over SCTP, including
Diameter and SS7 protocols. View the SCTP logs to verify that your
SCTP Protection profile settings are securing SCTP traffic as you
intend.
You must allocate a log storage quota for SCTP
when you
Configure SCTP Security before
you can view SCTP log events.