Things to log and Audit regularly:

• All Internal Network Traffic allowed outbound
• All External Network Traffic allowed inbound
• Inbound Email traffic
• Outbound Web and FTP Traffic
• Inbound VPN Tunnels and other Remote Access Sessions
• All inbound traffic that is blocked
• PAT and NAT if implemented