Monitoring every device, policy, and user determines whether the network is being utilized in accordance with the security policy that has been established.
Evaluating monitored network events can reveal the following:
whether outgoing and incoming data is traveling according to policy guidelines
whether intruders are probing the network for weaknesses
if a user has gained illegal access to sensitive systems or data