Select to enable the firewall to decapsulate Encapsulated Remote Switched Port Analyzer (ERSPAN)
data sent through the GRE tunnel. You can configure a network switch
to use ERSPAN to send mirrored traffic through a GRE tunnel to the
firewall for use by Security services like IoT Security. After
decapsulating the data, the firewall inspects it similarly to how it
inspects traffic received on a tap interface. It then creates
Enhanced Application logs (EALs) and traffic, threat, WildFire, URL,
data, GTP (when GTP is enabled), SCTP (when SCTP is enabled),
tunnel, auth, and decryption logs. The firewall forwards these logs
to the logging service where IoT Security accesses and analyzes the
data. |