Revolutionize Your Troubleshooting with Event Correlation in Cisco Secure Access!
We are thrilled to announce the General Availability of Event Correlation in Cisco Secure Access! This highly anticipated feature marks a significant milestone, delivering a truly transformative capability designed to fundamentally change how you troubleshoot and gain insights into your security events.
Feature Summary & Key Benefits:
Holistic Session Context: Move beyond isolated event logs. Event Correlation provides a complete picture of what happened to a session, from its initiation to its conclusion, across multiple security enforcement points.
Visual Topology View: Gain intuitive understanding with a visual representation of the session flow. See the journey from sources to destinations, highlighting relevant hops and enforcement phases at a glance.
Unique Event ID for Seamless Correlation: A unique Event ID is generated by the initial platform in the service chain (e.g., ZTA headend, FWaaS for RAVPN/Branch traffic) and propagated across subsequent platforms. This enables a unified, chronological view of the session's journey, making troubleshooting faster and more accurate.
Comprehensive Event Coverage: At General Availability, Event Correlation supports a wide range of critical event types, all correlated by the unique Event ID:
- Client-based/Clientless ZTA
- FWaaS (Firewall as a Service)
- SWG (Secure Web Gateway)
- IPS (Intrusion Prevention System)
- Decryption
- File Events
Documentation and Resources
