An administrator can configure the PIX Security Appliance to enable
accounting for specific network services
. Accounting
records are generated to track the initiation and termination of predefined
sessions. The PIX can be configured to generate accounting records for
configuration changes. For example, accounting records can track when a telnet
user logged into the PIX, at what privilege level, what configuration commands
were entered, and when they terminated the session. It can track the beginning
and end of a web session between a remote user and the corporate DMZ web
server. It can also be used to track the start and finish of remote tunnel
access sessions. These records are kept on the designated AAA server or
servers.