The access category contains authentication and access controls that are used for monitoring network events.
The following table describes the low-level event categories and associated severity levels for the access category.
Table 1: Low-level Categories and Severity Levels for the Access Events Category
Low-level event category
Severity level (0 - 10)
Unknown Network Communication Event
Indicates an unknown network communication event.
Indicates that access to the firewall was allowed.
Indicates that access to the firewall was denied.
Flow Context Response (JSA only)
Indicates events from the Classification Engine in response to a SIM request.
Misc Network Communication Event
Indicates a miscellaneous communications event.
Indicates Intrusion Prevention Systems (IPS) denied traffic.
Firewall Session Opened
Indicates that the firewall session was opened.
Firewall Session Closed
Indicates that the firewall session was closed.
Dynamic Address Translation Successful
Indicates that dynamic address translation was successful.
No Translation Group Found
Indicates that no translation group was found.
Indicates that access was granted to a miscellaneous authentication server.
Indicates that an Access Control List (ACL) allowed access.
Indicates that an Access Control List (ACL) denied access.
Indicates that access was allowed.
Indicates that access was denied.
Indicates that a session was opened.
Indicates that a session was closed.
Indicates that a session was reset.
Indicates that a session was allowed.
Indicates that a session was denied.
Session in Progress
Indicates that a session is in progress.
Indicates that a session was delayed.
Indicates that a session was queued.
Indicates that a session is inbound.
Indicates that a session is outbound.
Unauthorized Access Attempt
Indicates that an unauthorized access attempt was detected.
Misc Application Action Allowed
Indicates that an application action was allowed.
Misc Application Action Denied
Indicates that an application action was denied.
Database Action Allowed
Indicates that a database action was allowed.
Database Action Denied
Indicates that a database action was denied.
FTP Action Allowed
Indicates that an FTP action was allowed.
FTP Action Denied
Indicates that an FTP action was denied.
Indicates that an object was cached.
Object Not Cached
Indicates that an object was not cached.
Indicates that the network rate-limits traffic.
No Rate Limiting
Indicates that the network does not rate-limit traffic.
P11 Access Permitted
Indicates that P11 access is permitted.
P11 Access Denied
Indicates that P11 access was attempted and denied.
Indicates an IPS permit.