Select to enable the firewall to decapsulate
Encapsulated Remote Switched Port Analyzer (ERSPAN) data sent through
the GRE tunnel. You can configure a network switch to use ERSPAN
to send mirrored traffic through a GRE tunnel to the firewall for
use by Security services like IoT Security. After decapsulating
the data, the firewall inspects it similar to how it inspects traffic
received on a TAP port. It then creates enhanced application logs (EALs)
and traffic, threat, WildFire, URL, data, GTP (when GTP is enabled), SCTP
(when SCTP is enabled), tunnel, auth, and decryption logs. The firewall forwards
these logs to the logging service where IoT Security accesses and analyzes
the data. |