I am a new computer support specialist in a small company. We would like to focus on network security. How can I verify the current connections on a PIX firewall? We would like catch malicious behavior while it's occurring. How do I inspect all the connections going through our firewall - both in and out. My focus is on anomalies and investigate them; this could include outbound FTP or inbound Telnet/SSH sessions. We have a Cisco perimeter router, which functions as the company firewall. A PIX firewall sits behind the router and its sole function is to build and terminate IPSEC tunnels. I would appreciate any advise.