What is the best and cheapest way to view network traffic traversing an ASA firewall?
I'm trying to understand the difference between Syslog and TCP Dump.
For instance, one of the top sites in the ASDM happens to be a multimedia streaming site. I would like to know what IP is connected to that site so I could bust 'em, but it happens in the off hours and I only know how to view the real-time traffic in the ASDM.
Can someone please take me through a best-practices configuration step by step? Is there a free syslog server I could use?