When you are in the “Firewall Events” screen a nice enhancement to the GUI would be to allow a right click option (or a button down the side) labeled something along the lines of “Goto Trigger” which would bring up the “Network Security Policy Window” with the rule that triggered the event highlighted.
For consistency of course you could have similar functionality for the Defense+ Events and their triggering rules.
I think it’s better not to overload “Firewall Events” by any other functionality, but I wish to see one more column, named “Application Rule”, where should be record of Rule, that blocked/allowed that activity.
For more detailed overview - take a look at ISA. There you are able to see (even in real-time) any activity and correspondent Rule Name.