Monitoring and Logging
Monitoring and logging are the watching and recording of events and traffic that take place on or across a firewall. In theory, you can record every packet traversing a firewall; however, this is usually impractical because the storage space required would be immense. Certain products can maintain a sliding window of recorded traffic, encompassing hours of communications using multiple terabytes of storage. However, these devices are for advanced security management and beyond the scope of this chapter.
Firewall monitoring and logging are about recording events that take place on or across a firewall (FIGURE 7-6). You can use various approaches to logging. You can log everything, or you can log only events of seeming ...
Get Network Security, Firewalls, and VPNs, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
