Access Control Rule Logging for Malware Protection
When the system detects a prohibited file (including malware) according to the settings in the file policy, it automatically logs an event to the Secure Firewall Management Center database. If you do not want to log file or malware events, you can disable this logging on a per-access-control-rule basis.
The system also logs the end of the associated connection to the Secure Firewall Management Center database, regardless of the logging configuration of the invoking access control rule.