For Network
IPS appliances, connection events occur when
network traffic connects to the monitored network through a particular
port, from a particular address, with a certain network protocol.
The appliance
detects these connections using packet header values.
Connection events do not necessarily constitute an attack or other
suspicious activity, but they are network occurrences that might interest
a security administrator.
Note: Connection events do not monitor your
network for any particular attack signatures. Use security events
to monitor for these types of attacks. You configure security events
in .