2 Track and analyze suspicious network events
The effectiveness of a core network device is based on the rules defined in it. Log & Event Manager includes several built-in rules under the Build section for multiple correlations in real-time. You can choose from pre-defined rules, customize them or create a new one. You are alerted in real-time based on your rule configurations for ICMP/IP traffic, malware, asymmetric routing, IPsec failure, anonymous Web traffic, and so on. You can also monitor user activity on critical routers/switches/firewalls to detect privileged account abuse, unauthorized configuration changes, failed login attempts, etc.