
FortiGate Daily Security Report

Report Date: 2019-01-04

Data Range: Jan 03, 2019 (PIA-FG900D)

Fortinet Inc. All Rights Reserved. Created on Jan 04,2019 00:01


Table of Contents

Bandwidth and Applications
Bandwidth
Number of Sessions
Traffic Statistics
Top Applications by Bandwidth
Top Application Categories by Bandwidth
Top Users by Bandwidth
Number of Active Users
Top Destinations by Bandwidth

Web Usage
Top Allowed Websites
Top Websites by Bandwidth
Top Blocked Websites
Top Users by Blocked Requests
Top Users by Requests
Top Users by Bandwidth
Top Video Streaming Web Sites by Bandwidth

Emails
Top Senders by Number of Emails
Top Senders by Combined Email Size
Top Recipients by Number of Emails
Top Recipients by Combined Email Size

Threats
Malware Detected
Malware Victims
Malware Sources
Malware History
Botnet Detected
Botnet Victims
Botnet C&C
Botnet History
Intrusions Detected
Intrusion Victims
Intrusion Sources
Intrusions Blocked
Intrusions By Severity
Intrusion History

FortiGate Daily Security Report - Host Name: PIA-FG900D


VPN Usage
Site-to-Site IPSec Tunnels by Bandwidth
Client-to-Site IPSec Tunnels by Bandwidth
SSL-VPN Tunnel Users by Bandwidth
SSL-VPN Web Mode Users by Bandwidth

Admin Login and System Events
Admin Login Summary
List of Failed Logins
System Events

Bandwidth and Applications

Bandwidth
[Figure: Bandwidth (bit/s) by hour of day, 00:00 to 23:00; series: Traffic Out, Traffic In]

Number of Sessions
[Figure: Sessions by hour of day, 00:00 to 23:00]

Traffic Statistics
Summary Stats
Total Sessions 1.7 M
Total Bytes In: 114.7 GB Out: 19.8 GB
Average Sessions Per Hour 69.5 K
Average Bytes Per Hour In: 4.8 GB Out: 843.6 MB
Most Active Hour By Sessions 2019-01-03 16:00
Total Users 2.3 K
Total Applications 6.1 K
Total Destinations 5.6 K

Top Applications by Bandwidth


Application Traffic Out Traffic In Sessions
RTSP 38.4 GB 5
tcp/3260 26.2 GB 13.4 K
HTTPS 18.0 GB 157.0 K
HTTP 10.5 GB 72.7 K
camera_vpdd_81 10.4 GB 0
camera_vpdd_82 10.4 GB 0
tcp/37777 4.8 GB 13
SMB 2.6 GB 9.8 K
tcp/8888 2.4 GB 13
udp/3232 1.8 GB 1

Top Application Categories by Bandwidth


Application Category Traffic Out Traffic In Sessions
unscanned 134.5 GB 1.7 M

Top Users by Bandwidth


User Host Traffic Out Traffic In Sessions
10.59.13.32 10.59.13.32 59.2 GB 1.6 K
10.59.254.223 10.59.254.223 26.3 GB 13.8 K
10.59.0.100 10.59.0.100 6.6 GB 6.2 K
10.59.0.173 10.59.0.173 5.2 GB 5.2 K
10.59.0.87 10.59.0.87 2.5 GB 5.5 K
10.59.13.50 10.59.13.50 2.5 GB 4.5 K
10.59.13.237 10.59.13.237 1.8 GB 106
10.59.4.71 10.59.4.71 1.0 GB 986
10.59.2.159 10.59.2.159 1.0 GB 2.5 K
117.109.120.198 117.109.120.198 1.0 GB 628

Number of Active Users
[Figure: Active Users by hour of day, 00:00 to 23:00]

Top Destinations by Bandwidth
Hostname (or IP) Traffic Out Traffic In Sessions
10.59.13.240 26.2 GB 14.1 K
118.69.35.142 22.6 GB 4
10.59.0.234 13.4 GB 11.2 K
10.59.0.232 12.7 GB 80
10.59.0.233 12.7 GB 511
14.248.64.244 4.8 GB 1.5 K
113.171.230.64 2.5 GB 371
210.211.103.82 2.4 GB 2
173.194.59.123 2.1 GB 5
10.0.0.3 1.6 GB 13

Web Usage
Top Allowed Websites
Website Requests
No matching log data for this report

Top Websites by Bandwidth


Website Traffic Out Traffic In
No matching log data for this report

Top Blocked Websites


Website Requests
No matching log data for this report

Top Users by Blocked Requests


User(or IP) Hostname(MAC) Requests
No matching log data for this report

Top Users by Requests


User(or IP) Hostname(MAC) Requests
No matching log data for this report

Top Users by Bandwidth


User(or IP) Hostname(Mac) Traffic Out Traffic In
No matching log data for this report

Top Video Streaming Web Sites by Bandwidth

Emails
Top Senders by Number of Emails
Sender Number of Emails
No matching log data for this report

Top Senders by Combined Email Size


Sender Bandwidth
No matching log data for this report

Top Recipients by Number of Emails


Recipient Number of Emails
No matching log data for this report

Top Recipients by Combined Email Size


Recipient Bandwidth
No matching log data for this report

Threats
Malware Detected
# Malware Name Malware Type Occurrence
1 Riskware/HiRu Spyware 7

Malware Victims
# Victim Occurrence
1 10.59.0.100 7

Malware Sources
# Malware Source Host Name Counts
1 118.69.215.68 118.69.215.68 4
2 118.69.164.168 118.69.164.168 3

Malware History
[Figure: # of Viruses by hour of day, 00:00 to 23:00]

Botnet Detected
# Botnet Name Counts
No matching log data for this report

Botnet Victims
# Victim Name Counts
No matching log data for this report

Botnet C&C
# C & C IP Host Name Counts
No matching log data for this report

Botnet History
[Figure: # of Botnet by hour of day, 00:00 to 23:00]

Intrusions Detected
# Intrusion Name Counts
No matching log data for this report

Intrusion Victims
# Intrusion Victim Counts
No matching log data for this report

Intrusion Sources
# Intrusion Source Counts
No matching log data for this report

Intrusions Blocked
# Intrusion Name Counts
No matching log data for this report

Intrusions By Severity

Intrusion History
[Figure: # of Intrusions by hour of day, 00:00 to 23:00]

VPN Usage
Site-to-Site IPSec Tunnels by Bandwidth
# Tunnel Duration Traffic Out Traffic In
No matching log data for this report

Client-to-Site IPSec Tunnels by Bandwidth


# User Tunnel Duration Traffic Out Traffic In
No matching log data for this report

SSL-VPN Tunnel Users by Bandwidth


# User IP Traffic Out Traffic In
1 d2s.piacom 14.162.146.23 895.1 MB
2 toantp.piacom 118.69.35.142 506.6 MB
3 nguyenvt.piacom 117.6.161.199 148.9 MB
4 hientd.piacom 42.114.37.89 35.1 MB
5 giangvt.piacom 118.69.35.142 32.3 MB
6 vinhtn.piacom 118.69.35.142 15.5 MB

SSL-VPN Web Mode Users by Bandwidth


# User IP Traffic Out Traffic In
No matching log data for this report

Admin Login and System Events
Admin Login Summary
# User Name Login Interface Total # of Logins Total # of Configuration Changes Total Duration
1 admin https(10.59.0.117) 1 0 04h 15m 31s

2 admin https(10.59.0.168) 1 1 04h 40m 59s

3 admin https(10.59.0.66) 1 0 04h 16m 43s

4 user https(10.59.0.76) 1 0 05h 00m 47s

List of Failed Logins


# User Name Login Interface # of Failed Logins
1 admin https(10.59.0.168) 2

System Events
# Event Name (Description) Severity Counts
1 Admin login failed 2

2 Configuration changed 2

3 Disk log file deleted 15

4 Report database recreated 1
