100 Log Management uses #5 Outbound Firewall traffic

A couple of days ago we looked at monitoring firewall incoming traffic. In many cases outbound traffic is as much a risk as incoming. Once hackers penetrate your network they will try to obtain information through spyware and attempt to get this information out. Also, outbound connections often chew up bandwidth — file sharing is a great example of this. We had a customer that could not figure out why his network performance was so degraded — it turned out to be an internal machine acting as a file sharing server. Looking at logs discovered this.

By Ananth