Do you know if there is a way of monitoring traffic being denied or approved for a given policy for a given port.
I think I remember seeing the ability to super impose policy rules on a Wireshark trace, which might be the only means of doing it?
The point is that in the creation of a policy role that denies all traffic, it would be really handy to simply build on the rules of traffic that you maybe seeing being denied but actually want to allow through or visa versa. You can with all the best intension create a role & rules that you think would do the job but there is always going to be something that could slip the net this would be invaluable for.
Many thanks in advance.