Default - Schedule Default 2017 03 09 000100

FortiGate Daily Security Report
Report Date: 2017-03-09
Data Range: Mar 08, 2017 (REPRESENTACIONES_H_C_NAPO)
Fortinet Inc. All Rights Reserved. Created on Mar 09,2017 00:01

Table of Contents
Bandwidth and Applications...................................................................................................................................... 1

Bandwidth......................................................................................................................................................................... 1
Number of Sessions.......................................................................................................................................................... 1
Traffic Statistics................................................................................................................................................................. 2
Top Applications by Bandwidth......................................................................................................................................... 2
Top Application Categories by Bandwidth........................................................................................................................ 2
Top Users by Bandwidth................................................................................................................................................... 3
Number of Active Users.................................................................................................................................................... 3
Top Destinations by Bandwidth........................................................................................................................................ 3
Web Usage............................................................................................................................................................... 4
Top Allowed Websites...................................................................................................................................................... 4
Top Websites by Bandwidth............................................................................................................................................. 4
Top Blocked Websites...................................................................................................................................................... 4
Top Users by Blocked Requests....................................................................................................................................... 5
Top Users by Requests.................................................................................................................................................... 5
Top Users by Bandwidth................................................................................................................................................... 5
Top Video Streaming Web Sites by Bandwidth................................................................................................................ 6
Emails....................................................................................................................................................................... 7
Top Senders by Number of Emails................................................................................................................................... 7
Top Senders by Combined Email Size............................................................................................................................. 7
Top Recipients by Number of Emails................................................................................................................................ 7
Top Recipients by Combined Email Size.......................................................................................................................... 7
Threats...................................................................................................................................................................... 8
Malware Detected............................................................................................................................................................. 8
Malware Victims................................................................................................................................................................ 8
Malware Sources.............................................................................................................................................................. 8
Malware History................................................................................................................................................................ 8
Botnet Detected................................................................................................................................................................ 8
Botnet Victims................................................................................................................................................................... 8
Botnet C&C....................................................................................................................................................................... 9
Botnet History................................................................................................................................................................... 9
Intrusions Detected........................................................................................................................................................... 9
Intrusion Victims................................................................................................................................................................ 9
Intrusion Sources.............................................................................................................................................................. 9
Intrusions Blocked............................................................................................................................................................. 9
Intrusions By Severity....................................................................................................................................................... 10
Intrusion History................................................................................................................................................................ 10
FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO

VPN Usage............................................................................................................................................................... 11
Site-to-Site IPSec Tunnels by Bandwidth......................................................................................................................... 11
Client-to-Site IPSec Tunnels by Bandwidth...................................................................................................................... 11
SSL-VPN Tunnel Users by Bandwidth.............................................................................................................................. 11
SSL-VPN Web Mode Users by Bandwidth....................................................................................................................... 11
Admin Login and System Events.............................................................................................................................. 12

Admin Login Summary...................................................................................................................................................... 12
List of Failed Logins.......................................................................................................................................................... 12
System Events.................................................................................................................................................................. 12

Sessions Bandwidth (bit/s)
0M
2M
4M
6M
8M
10M
12M
14M
16M
18M
20M
00
0K
10K
20K
30K
40K
50K
60K
70K
80K
90K
100K
00 :0
Bandwidth
:0 0
0
01 01
:0 :0
0 0
02
Number of Sessions
02 :0
:0 0
0
03 03
:0 :0
0 0
04 04
:0 :0
0 0
05 05
:0 :0
0 0
06 06
:0 :0
0
Bandwidth and Applications
0
07 07
:0 :0
0 0
08 08
:0 :0
0 0
09 09
:0 :0
0 0
10 10
:0 :0
0 0
11 11
:0 :0

0 0
12 12
:0 :0
0 0
13 13
:0 :0
0 0
14 14
:0 :0
0 0
15 15
:0 :0
0 0
16 16
:0 :0
0 0
17 17
:0 :0
0 0
18 18
:0 :0
0 0
19 19
:0 :0
0 0
20 20
:0 :0
0 0
21 21
:0 :0
Traffic Out
0 0
22 22
:0 :0
0 0
23 23
Traffic In
:0 :0
0 0
Page 1 of 12
Traffic Statistics
Summary Stats
Total Sessions 1.1 M
Total Bytes In: 36.5 GB Out: 6.3 GB
Average Sessions Per Hour 46.8 K
Average Bytes Per Hour In: 1.5 GB Out: 270.6 MB
Most Active Hour By Sessions 2017-03-08 16:00
Total Users 1.2 K
Total Applications 441
Total Destinations 4.2 K
Top Applications by Bandwidth

Application Traffic Out Traffic In Sessions
HTTPS 6.5 GB 74.7 K
HTTP.BROWSER 5.2 GB 198.0 K
HTTPS.BROWSER 4.5 GB 86.5 K
Google.Services 4.2 GB 96.6 K
udp/443 3.4 GB 19.9 K
Google.Accounts 3.2 GB 77.7 K
HTTP 3.1 GB 108.4 K
SSH 1.6 GB 4.7 K
Microsoft.Portal 1.3 GB 26.4 K
QUIC 1.2 GB 20.7 K
Top Application Categories by Bandwidth

Application Category Traffic Out Traffic In Sessions
unscanned 18.4 GB 316.7 K
Web.Client 9.7 GB 284.5 K
General.Interest 8.4 GB 188.7 K
Network.Service 2.5 GB 122.6 K
Collaboration 1.5 GB 44.2 K
Email 1.1 GB 12.1 K
Proxy 421.3 MB 6.2 K
Update 399.6 MB 84.0 K
Business 203.1 MB 27.4 K
Remote.Access 161.4 MB 223
FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 2 of 12

Top Users by Bandwidth
User Host Traffic Out Traffic In Sessions
192.168.2.61 192.168.2.61 4.7 GB 17.6 K
181.65.211.141 181.65.211.141 1.8 GB 31
192.168.20.40 192.168.20.40 1.4 GB 397
192.168.2.60 192.168.2.60 1.2 GB 62.8 K
172.26.103.130 172.26.103.130 1.1 GB 11.2 K
192.168.20.74 192.168.20.74 1.0 GB 8
172.26.103.47 172.26.103.47 1.0 GB 10.6 K
192.168.1.189 192.168.1.189 915.6 MB 320
192.168.3.71 192.168.3.71 772.4 MB 12.2 K
192.168.21.95 192.168.21.95 771.7 MB 1.8 K
Number of Active Users

800
720
640
560
Active Users
480
400
320
240
160
80
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Top Destinations by Bandwidth
Hostname (or IP) Traffic Out Traffic In Sessions
google.com 2.9 GB 73.1 K
equifax.com.pe 2.8 GB 43.3 K
200.60.223.152 2.5 GB 181
23.216.5.231 2.4 GB 8.8 K
191.98.179.21 2.0 GB 17.9 K
191.98.136.14 1.7 GB 575
191.98.136.12 1.6 GB 498
c.doc-0 1.5 GB 673
191.98.136.13 1.3 GB 505
ggpht.com 1.2 GB 8.0 K

Web Usage
Top Allowed Websites
Website Requests
equifax.com.pe 140.9 K
encontacto.pe 35.1 K
208.87.3.43 12.5 K
google.com 10.4 K
gvt1.com 8.1 K
movistar.com.pe 6.6 K
microsoft.com 6.6 K
akamaized.net 4.4 K
208.87.3.47 4.2 K
buscandope.com 4.1 K
Top Websites by Bandwidth

Website Traffic Out Traffic In
equifax.com.pe 8.2 GB
movistar.com.pe 655.3 MB
208.87.3.43 393.0 MB
google.com 230.7 MB
akamaized.net 211.9 MB
ripley.com.pe 155.0 MB
gvt1.com 103.6 MB
entel.pe 99.0 MB
encontacto.pe 90.4 MB
livechatinc.com 88.9 MB
Top Blocked Websites

Website Requests
digicert.com 15.8 K
windowsupdate.com 13.8 K
datatables.net 12.6 K
google.com 11.3 K
gvt1.com 9.0 K
counterpath.net 8.8 K
microsoft.com 7.5 K
teamviewer.com 5.2 K
msftncsi.com 3.3 K
bing.com 3.3 K

Top Users by Blocked Requests
User(or IP) Hostname(MAC) Requests
192.168.20.16 192.168.20.16 7.7 K
192.168.20.94 192.168.20.94 5.2 K
192.168.20.14 192.168.20.14 5.1 K
192.168.22.124 192.168.22.124 2.3 K
192.168.22.95 192.168.22.95 2.3 K
192.168.22.91 192.168.22.91 2.2 K
192.168.22.75 192.168.22.75 2.2 K
192.168.22.98 192.168.22.98 1.8 K
192.168.22.92 192.168.22.92 1.8 K
192.168.22.97 192.168.22.97 1.7 K
Top Users by Requests

User(or IP) Hostname(MAC) Requests
192.168.22.211 192.168.22.211 9.8 K
172.26.102.54 172.26.102.54 8.7 K
192.168.20.16 192.168.20.16 7.7 K
192.168.1.168 192.168.1.168 6.6 K
192.168.22.224 192.168.22.224 5.7 K
192.168.20.94 192.168.20.94 5.2 K
192.168.22.219 192.168.22.219 5.1 K
192.168.20.14 192.168.20.14 5.1 K
172.26.103.118 172.26.103.118 4.9 K
172.26.103.131 172.26.103.131 4.3 K
Average Usage of Top 10 6.3 K
Top Users by Bandwidth

User(or IP) Hostname(Mac) Traffic Out Traffic In
172.26.102.54 172.26.102.54 305.5 MB
192.168.1.211 192.168.1.211 270.8 MB
192.168.1.204 192.168.1.204 216.8 MB
172.26.103.131 172.26.103.131 146.1 MB
172.26.103.147 172.26.103.147 144.8 MB
172.26.103.160 172.26.103.160 139.2 MB
172.26.103.113 172.26.103.113 131.2 MB
172.26.103.25 172.26.103.25 130.3 MB
172.26.103.20 172.26.103.20 128.3 MB
172.26.103.118 172.26.103.118 125.5 MB
Average Usage of Top 10 173.9 MB

Top Video Streaming Web Sites by Bandwidth
% Website Traffic Out Traffic In

95.5% moda.pe 3.0 MB
1.3% nuevaq.me 42.6 KB
0.4% msn.com 14.0 KB
0.4% foxmusica.net 13.2 KB
0.4% youtubeinmp3.com 11.5 KB
2.0% others 65.1 KB

Emails
Top Senders by Number of Emails
Sender Number of Emails
No matching log data for this report
Top Senders by Combined Email Size

Sender Bandwidth
Top Recipients by Number of Emails

Recipient Number of Emails
Top Recipients by Combined Email Size

Recipient Bandwidth

Threats
Malware Detected
# Malware Name Malware Type Occurrence
Malware Victims
# Victim Occurrence
Malware Sources
# Malware Source Host Name Counts
Malware History
10
6
# of Viruses
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
Botnet Detected 23
# Botnet Name Counts

Botnet Victims
# Victim Name Counts

Botnet C&C
# C & C IP Host Name Counts
Botnet History
10
6
# of Botnet
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
01
02
03
04
05
06
07
08
09
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Intrusions Detected
# Intrusion Name Counts
Intrusion Victims
# Intrusion Victim Counts
Intrusion Sources
# Intrusion Source Counts
Intrusions Blocked
# Intrusion Name Counts

# of Intrusions
0
1
2
3
4
5
6
7
8
9
10
00
:0
0
01
:0
0
Intrusion History
02
:0
0
Intrusions By Severity
03
:0
0
04
:0
0
05
:0
0
06
:0
0
07
:0
0
08
:0
0
09
:0
0
10
:0
0
11
:0
0

12
:0
0
13
:0
0
14
:0
0
15
:0
0
16
:0
0
17
:0
0
18
:0
0
19
:0
0
20
:0
0
21
:0
0
22
:0
0
23
:0
0
Page 10 of 12
VPN Usage
Site-to-Site IPSec Tunnels by Bandwidth
# Tunnel Duration Traffic Out Traffic In
Client-to-Site IPSec Tunnels by Bandwidth

# User Tunnel Duration Traffic Out Traffic In
SSL-VPN Tunnel Users by Bandwidth

# User IP Traffic Out Traffic In
SSL-VPN Web Mode Users by Bandwidth

# User IP Traffic Out Traffic In

Admin Login and System Events
Admin Login Summary
# User Name Login Interface Total # of Logins Total # of Configuration Changes Total Duration
1 aore https(192.168.2.2) 6 2 02d 04h 58m 02
2 noc https(190.12.64.18) 2 0 11h 29m 08s
3 aore https(192.168.2.19) 1 0 11h 47m 23s
List of Failed Logins

# User Name Login Interface # of Failed Logins
System Events
# Event Name (Description) Severity Counts
1 Configuration changed 4
2 Outdated report files deleted 41
3 Disk log file deleted 20
4 Application crashed 17
5 SNMP query failed 3

Default - Schedule Default 2017 03 09 000100

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Default - Schedule Default 2017 03 09 000100

Uploaded by

Copyright:

Available Formats

FortiGate Daily Security Report

Report Date: 2017-03-09

Data Range: Mar 08, 2017 (REPRESENTACIONES_H_C_NAPO)

Fortinet Inc. All Rights Reserved. Created on Mar 09,2017 00:01

Bandwidth and Applications...................................................................................................................................... 1

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO

Admin Login and System Events.............................................................................................................................. 12

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO

Top Applications by Bandwidth

Top Application Categories by Bandwidth

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 2 of 12

Number of Active Users

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 3 of 12

Top Websites by Bandwidth

Top Blocked Websites

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 4 of 12

Top Users by Requests

Top Users by Bandwidth

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 5 of 12

% Website Traffic Out Traffic In

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 6 of 12

Top Senders by Combined Email Size

Top Recipients by Number of Emails

Top Recipients by Combined Email Size

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 7 of 12

# Botnet Name Counts

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 8 of 12

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 9 of 12

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO

Client-to-Site IPSec Tunnels by Bandwidth

SSL-VPN Tunnel Users by Bandwidth

SSL-VPN Web Mode Users by Bandwidth

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 11 of 12

2 noc https(190.12.64.18) 2 0 11h 29m 08s

3 aore https(192.168.2.19) 1 0 11h 47m 23s

List of Failed Logins

2 Outdated report files deleted 41

3 Disk log file deleted 20

5 SNMP query failed 3

FortiGate Daily Security Report - Host Name: REPRESENTACIONES_H_C_NAPO Page 12 of 12

You might also like