Yes I sound like a big Syagate representative lately... Anyway this feature may be present on many other firewalls and I just don't know it, but here it is... The ability to look over 4 seperate logs, "security", "system", "traffic", and "packet". These really make things simple for me, and I like being able to look at the "traffic" that shows everything you did allow and see if there's something in there you didn't want to be. I haven't found anything suspicious in there before, but if your browser was connecting to a site you weren't aware of, it would show up. The "system" log is only the firewall, and I have never seen anything in the "packet" log... most likely it requires the use of rules other than default and I haven't yet gotten into those. Anyway, I think these logs are quite nice as only actual probes, attacks, etc show up in the security log and are rated there by severity. Are these common features on firewalls??
As far as I can tell, they are all different in that area. In Outpost there are the following logs available with one click All connections Established connections Open ports Allowed traffic Blocked traffic And then there are logs for the 6 plugins for filtering. In the allowed and blocked logs, when the traffic is active, you can double click on an active connection and get a sort of modified sniffer look at the traffic. Then if you want, you can select the debug module and look at the systemlog, packet log, firewall log, TDI log, Protect log, Diagnose log, info log, Sockets status, rules, drivers, netstat, nat, nat2, DNSCache, and DNSCache2. That's one of the reasons I like it.