Monitoring connections, blacklists, VPN SAs, users, routing, and SSL VPNs

Firewalls track allowed connections, active VPN SAs, active users, routing, and SSL VPN sessions. Firewall, Layer 2 Firewall, and IPS engines also track combinations of IP addresses, ports, and protocols that are blacklisted.

Note: To be able to monitor users by name, you must enable the logging of user information in the Firewall IPv4 and IPv6 Access rules.

You can monitor in the following ways:

You can view currently open connections, enforced blacklist entries, active VPN SAs, active users, routing, and SSL VPNs.
You can save, view and compare snapshots of currently open connections, enforced blacklist entries, active VPN SAs, active users, routing, and SSL VPN sessions.

When monitoring users, you can only monitor the users connected to a particular NGFW Engine. To see a summary of the activity of all active users, enable showing users in the Home view.