Using an external service to monitor the firewall enables
you to receive alerts for important events, archive monitored information
on systems with dedicated long-term storage, and integrate with
third-party security monitoring tools. The following are some common
scenarios for using external services:
For long-term log storage and centralized firewall monitoring,
you can Configure Syslog Monitoring to send log
data to a syslog server. This enables integration with third-party
security monitoring tools such as Splunk! or ArcSight.
For monitoring statistics on the IP traffic that traverses
firewall interfaces, you can Configure NetFlow Exports to view the
statistics in a NetFlow collector.