Secure SD-WAN Report-2021-12-03-1710 - 111

Secure SD-WAN Report
Report Date: December 3, 2021 17:10

Data Range: 2021-11-26 00:00:00 2021-12-02 23:59:59GMT-3 (FAZ local)
tabela de conteúdo
Introduction Secure SD-WAN 2

SD-WAN Performance 4
Overview of Device - FG-ALMIRANTE_BARROSO 4
SD-WAN Availability 4
Latency After SD-WAN Implementation (ms) 4
Jitter After SD-WAN Implementation (ms) 5
Packet Loss After SD-WAN Implementation 5
SD-WAN Link Health Status 5

SD-WAN Link Quality 6
Device - FG-ALMIRANTE_BARROSO 7
Latency by WAN Link Over Time (ms) 7
Jitter by WAN Link Over Time (ms) 7
Packet Loss by WAN Link Over Time 7
Service Level Agreements (SLAs) 8

SLA Rules Link Percentage Within Latency Threshold 8
SLA Rules Link Percentage Within Jitter Threshold 8
SLA Rules Link Percentage Within Packet Loss Threshold 8
Latency by SLA Rule Over Time (ms) 8
Jitter by SLA Rule Over Time (ms) 9
Packet Loss by SLA Rule Over Time 9
SD-WAN Utilization 9
Traffic Utilization by SD-WAN Rule 9
Traffic Distribution Over SD-WAN Member 9
Traffic Utilization by SD-WAN Members Over Time 10
Sent(bps) 10
Received(bps) 10
SD-WAN Applications 11
Traffic Distribution Over Application 11
SD-WAN Top Applications by Traffic Volume and Session 11
SD-WAN Device Traffic Distribution by Interface and Application 12
SD-WAN Users 12
SD-WAN Top Source by Traffic Volume 13
SD-WAN Top Source by Application and Traffic Volume 13
Appendix A 15
Dispositivos (1) 15
Secure SD-WAN Report (by ADM_Fortinet) - FortiAnalyzer Nome do Host: FMG-MPPA page 1 of 15
Introduction Secure SD-WAN
As the use of business-critical, cloud-based applications and tools continue to increase, distributed organizations
with multiple remote offices are switching from performance inhibited WANs to SD-WAN architectures. SD-WAN
offers business application steering, cost savings, and performance for Software-as-a-Service (SaaS) applications, as
well as unified communication services. However, SD-WAN has its own shortcomings—especially when it comes to
security with direct internet access.
While the highlights are listed below, a more detailed information of each device follows.
100.00% 224.07 MB
SD-WAN Availability SD-WAN Bandwidth
Application usage should have a strong influence on your network architecture. Understanding which types of
applications are used and specifically business application performance can improve user experience and
productivity. Following chart illustrates a breakout of applications specific to your network as ranked by traffic
volume. These applications can be prioritized by leveraging SD-WAN application steering strategies and Service
Level Agreements (SLAs) in order to engineer their optimal path to the Internet.
SD-WAN Performance
Multi-path technology can automatically fail over to the best available link when the primary WAN path degrades.
This automation is built into the FortiGate, which reduces complexity for end-users while improving their experience
and productivity.
Overview of Device - FG-ALMIRANTE_BARROSO

SD-WAN Availability
100 % 100 % 100 % 100 % 100 %

SD-WAN VPNINT VPNIRP VPNTRP wan2
-2 6 -2 7 -2 8 -2 9 -3 0 -0 1 -0 2
11 11 11 11 11 12 12
SD-WAN
VPNINT
VPNIRP
VPNTRP
wan2
0% 30% 50% 70% 90% 99% 99.9%
Latency After SD-WAN Implementation (ms)
30
20
10
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
11 11 11
-2 -2 -2
6 6 6
00 00 00
:0 :0 :0
20%
40%
60%
80%
0.05%
0.15%
0.25%
0%
0%
0.1%
0.2%
0.3%
0
1
0 0 0
100%
11 11 11
Link Uptime
-2 -2 -2
6 6 6
12 12 12
:0 :0 :0
0 0 0
11 11 11
-2 -2 -2
7 7 7
00 00 00
:0 :0 :0
0 0 0
11 11 11
-2 -2 -2
7 7 7
12 12 12
:0 :0 :0
0 0 0
SD-WAN Link Health Status
FG-ALMIRANTE_BARROSO:VPNIRP
FG-ALMIRANTE_BARROSO:VPNINT
11 11 11
-2 -2 -2
8 8 8
00 00 00
:0 :0 :0
0 0 0
11 11 11
-2 -2 -2
8 8 8
12 12 12
:0 :0 :0
0 0 0
Jitter After SD-WAN Implementation (ms)
11 11 11
-2 -2 Packet Loss After SD-WAN Implementation -2
9 9 9
00 00 00
:0 :0 :0
0 0 0
11 11 11
-2 -2 -2
9 9 9
12 12 12
:0 :0 :0
0 0 0
11 11 11
-3 -3 -3
0 0 0
Secure SD-WAN Report (by ADM_Fortinet) - FortiAnalyzer Nome do Host: FMG-MPPA

00 00 00
:0 :0 :0
0 0 0
11 11 11
-3 -3 -3
0 0 0
12 12 12
:0 :0 :0
0 0 0
12 12 12
-0 -0 -0
1 1 1
00 00 00
:0 :0 :0
0 0 0
12 12 12
-0 -0 -0
1 1 1
12 12 12
:0 :0 :0
0 0 0
12 12 12
-0 -0 -0
2 2 2
00 00 00
:0 :0 :0
0 0 0
12 12 12
-0 -0 -0
2 2 2
12 12 12
:0 :0 :0
0 0 0
page 5 of 15
100%
80%
60%
40%
20%
0%
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
FG-ALMIRANTE_BARROSO:VPNTRP
100%
80%
60%
40%
20%
0%
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
FG-ALMIRANTE_BARROSO:wan2
100%
80%
60%
40%
20%
0%
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
SD-WAN Link Quality
Link Quality Status Summary
Link quality plays an important role in link selection for SD-WAN, the link quality status of SD-WAN members should
be monitored and any prolonged issues with packet loss, latency, and jitter have to be investigated to ensure that
your network doesn't experience degraded performance or an outage. SD WAN uses pre-defined SLA strategies to
route traffic through the SD-WAN interfaces that meet the latency, jitter, and packet loss criteria configured in the
SLA targets associated with the SD-WAN rules. SD-WAN constantly monitors network traffic metrics, such as latency,
packet loss and jitter. Based on the measured data, the SD-WAN is able to respond proactively to real-time network
conditions, selecting the optimal path for traffic.
Latency Latency Latency Jitter Jitter Jitter Packet Loss Packet Loss Packet Loss
# Device Name WAN Link
(min.) (avg.) (max.) (min.) (avg.) (max.) (min.) (avg.) (max.)
1 FG-ALMIRANTE_BARR VPNINT 25.26 25.90 237.66 0.23 6.59 94.39 0.00% 0.17% 10.00%
OSO
2 FG-ALMIRANTE_BARR VPNIRP 28.92 28.22 238.72 0.28 6.53 93.86 0.00% 0.31% 10.00%
OSO
3 FG-ALMIRANTE_BARR VPNTRP 0.96 33.10 97.89 0.00 0.33 25.28 0.00% 0.04% 3.00%
OSO
4 FG-ALMIRANTE_BARR wan2 82.88 75.20 283.91 0.25 6.88 95.76 0.00% 0.44% 20.00%
OSO
Device - FG-ALMIRANTE_BARROSO
Latency by WAN Link Over Time (ms)
150 VPNINT
120 VPNIRP
VPNTRP
90
wan2
60
30
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
Jitter by WAN Link Over Time (ms)
40 VPNINT
VPNIRP
30
VPNTRP
20 wan2
10
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
Packet Loss by WAN Link Over Time
VPNINT
4%
VPNIRP
3% VPNTRP
wan2
2%
1%
0%
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
Service Level Agreements (SLAs)
Performance SLA by WAN Link
Performance link monitoring measures the health of links that are connected to SD-WAN member interfaces by
sending probing signals through each link to a server and measuring the link quality based on latency, jitter, and
packet loss. If a link is broken, the routes on that link are removed, and traffic is routed through other links. When
the link is working again, the routes are re-enabled. This prevents traffic being sent to a broken link and lost.
SLA Rules Link Percentage Within Latency Threshold
# SLA Rules Links Latency Within Threshold
1 MPPA_SEDE VPNTRP 100.00%
VPNINT 98.88%
VPNIRP 98.80%
2 Default_Gmail VPNTRP 100.00%
wan2 99.70%
SLA Rules Link Percentage Within Jitter Threshold

# SLA Rules Links Jitter Within Threshold
VPNIRP 97.83%
VPNINT 97.65%
wan2 97.88%
SLA Rules Link Percentage Within Packet Loss Threshold

# SLA Rules Links Packet Loss Within Threshold
VPNINT 99.53%
VPNIRP 98.91%
wan2 97.21%
Latency by SLA Rule Over Time (ms)
Default_Gmail
100 MPPA_SEDE
80
60
40
20
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
Jitter by SLA Rule Over Time (ms)
Default_Gmail
25
MPPA_SEDE
20
15
10
0
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
Packet Loss by SLA Rule Over Time
Default_Gmail
MPPA_SEDE
2%
1%
0%
0
0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
:0
00
12
00
12
00
12
00
12
00
12
00
12
00
12
6
2
-2
-2
-2
-2
-2
-2
-2
-2
-3
-3
-0
-0
-0
-0
11
11
11
11
11
11
11
11
11
11
12
12
12
12
SD-WAN Utilization
FortiGate can be set to recognize applications by business criticality. Business-critical applications, general
productivity applications, and social media can be given different routing priorities. Unique policies can be applied
at a deeper level for sub-applications. This broad application-level visibility into traffic patterns and utilization offers
a better position to allocate WAN resources according to business needs. Fortinet Secure SD-WAN identifies and
classifies applications—even encrypted cloud application traffic—from the very first packet. In addition to individual
applications, understanding overall utilization can help with capacity planning, circuit selection, and streamlining
network traffic over time. This awareness can also help reduce operational costs associated with backhauling traffic
over more expensive WAN links (such as MPLS).
Traffic Utilization by SD-WAN Rule Traffic Distribution Over SD-WAN Member
88.5% INTERNET_SEDE (198.30 MB)
224MB 6.46% INTERNET_MPPA (14.47 MB)

5.04% SEDE_MPPA (11.30 MB)
224MB 100% VPNTRP (224.07 MB)
11 11 11
-2 -2 -2
6 6 6
00 00 00
:0 :0 :0
1000KB
1500KB
2M
4M
6M
120KB
150KB
500KB
0
30KB
60KB
90KB
0
0
0 0 0
Sent(bps)
11 11
-2 -2 11
6 6 -2 VPNTRP
12 12 6
:0 :0 12
0 0
Received(bps)
:0
11 11 0
-2 -2
7 7 11
00 00 -2
:0 :0 7
0 0 00
11 11 :0
-2 -2 0
7 7 11
12 12
:0 :0 -2
0 0 7
11 11 12
-2 -2 :0
8 8 0
00 00 11
:0 :0 -2
0 0 8
11 11 00
-2 -2 :0
8 8 0
12 12
:0 :0 11
0 0 -2
11
-2
11
-2 8
12
9 9 :0
00 00 0
:0 :0
0 0 11
11 11 -2
-2 -2 9
9 9 00
12 12 :0
:0 :0 0
0 0
11 11 11
-3 -3 -2
0 0 9
Traffic Utilization by SD-WAN Members Over Time
00 00 12
:0 :0 :0
0 0 0
11 11
-3 -3 11
0 0 -3
12 12 0
Secure SD-WAN Report (by ADM_Fortinet) - FortiAnalyzer Nome do Host: FMG-MPPA

:0 :0 00
0 0 :0
12 12 0
-0 -0
1 1 11
00 00 -3
:0 :0 0
0 0 12
12 12 :0
-0 -0 0
1 1 12
12 12
:0 :0 -0
0 0 1
12 12 00
-0 -0 :0
2 2 0
00 00 12
:0 :0 -0
0 0 1
12 12 12
-0 -0 :0
2 2 0
12 12
:0 :0 12
0 0 -0
2
00
:0
0
12
-0
2
12
:0
wan2 0
wan2
VPNIRP
VPNIRP
VPNINT
VPNINT
VPNTRP
VPNTRP
page 10 of 15
SD-WAN Applications
Traffic Distribution Over Application
38.58% SSL (86.44 MB)

17.96% Facebook (40.23 MB)
224MB
8.94% WhatsApp (20.03 MB)
8.34% Google.Services (18.70 MB)
7.02% YouTube (15.73 MB)
19.16% Others (42.93 MB)
SD-WAN Top Applications by Traffic Volume and Session

# Application Sessions Bandwidth
1 SSL 1,939 86.30 MB
2 Facebook 113 40.23 MB
3 WhatsApp 11 19.35 MB
4 Google.Services 291 18.70 MB
5 YouTube 45 15.73 MB
6 HTTPS.BROWSER 604 15.19 MB
7 MS.Windows.Update 82 7.48 MB
8 Google.Ads 104 4.58 MB
9 SMB.v2 284 4.25 MB
10 LDAP 576 1.99 MB
SD-WAN Device Traffic Distribution by Interface and Application
SD-WAN Users
By looking at source traffic, we can determine the originating source of any particular traffic. Certain botnets,
command and control functions, and even remote access can be session heavy and indicative of targeted attacks or
persistent threats. Following charts representative of source traffic activity that may need further investigation.
SD-WAN Top Source by Traffic Volume
User (or IP)
83MB
2
14
53MB
0.
.4
16
6
10
2.
17
32MB
0.
.4
16
0
11
2.
17
29MB
0.
.4
16
7
11
2.
17
13MB
0.
.4
16
02
2.
.1
17
8MB
40
8.
0
16
.2
2.
40
3293KB
19
8.
16
03
2.
.1
19
668KB
40
8.
46
16
.1
2.
661KB
40
19
8.
42
16
.1
2.
522KB
40
19
8.
1
16
10
2.
53KB
0.
19
.4
16
1
0.
2.
.4
17
8KB
16
2.
1
17
.2
40
0 15MB 30MB 45MB 60MB 75MB

8.
16
Bandwidth
2.
19
SD-WAN Top Source by Application and Traffic Volume

# User (or IP) Application Bandwidth % do Subtotal
1 172.16.40.142 SSL 42.56 MB 51.07%
Facebook 39.53 MB 47.44%
HTTPS.BROWSER 694.39 KB 0.81%
Others 580.68 KB 0.68%
Subtotal 83.34 MB 37.19%
2 172.16.40.106 WhatsApp 19.70 MB 37.45%
YouTube 15.71 MB 29.86%
HTTPS.BROWSER 5.57 MB 10.59%
Others 11.63 MB 22.10%
3 172.16.40.110 SSL 17.78 MB 54.77%
Google.Services 14.53 MB 44.76%
Google.Play 97.34 KB 0.29%
Others 58.07 KB 0.17%
4 172.16.40.117 SSL 21.90 MB 74.72%
Google.Services 819.78 KB 2.73%
Others 1.66 MB 5.65%
5 192.168.40.102 MS.Windows.Upda 7.46 MB 55.46%
te
Google.Services 1.31 MB 9.71%
Others 2.07 MB 15.38%
# User (or IP) Application Bandwidth % do Subtotal
6 192.168.40.20 SMB.v2 4.09 MB 52.37%
LDAP 1.96 MB 25.12%
SSL 567.13 KB 7.10%
Others 1.20 MB 15.42%
7 192.168.40.103 HTTPS.BROWSER 1.23 MB 38.10%
HTTP.BROWSER 577.55 KB 17.54%
udp/1252 576.71 KB 17.51%
Others 884.10 KB 26.85%
8 192.168.40.146 udp/1252 270.55 KB 40.47%
udp/1251 268.47 KB 40.16%
udp/1250 113.47 KB 16.98%
Others 15.96 KB 2.39%
Subtotal 668.46 KB 0.29%
9 192.168.40.142 udp/1251 293.16 KB 44.36%
udp/1252 276.97 KB 41.91%
udp/1250 82.48 KB 12.48%
Others 8.30 KB 1.26%
10 172.16.40.101 HTTPS.BROWSER 150.79 KB 28.86%
SSL 97.28 KB 18.62%
Google.Services 63.63 KB 12.18%
Others 210.75 KB 40.34%
Others 60.61 KB 0.03%
Total 224.07 MB 100.00%
Appendix A
Dispositivos (1)
FG-ALMIRANTE_BARROSO

Secure SD-WAN Report-2021-12-03-1710 - 111

Uploaded by

Copyright:

Available Formats

You might also like

Secure SD-WAN Report-2021-12-03-1710 - 111

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Secure SD-WAN Report-2021-12-03-1710 - 111

Uploaded by

Copyright:

Available Formats

Secure SD-WAN Report

Report Date: December 3, 2021 17:10

Introduction Secure SD-WAN 2

SD-WAN Link Health Status 5

Service Level Agreements (SLAs) 8

Overview of Device - FG-ALMIRANTE_BARROSO

100 % 100 % 100 % 100 % 100 %

0% 30% 50% 70% 90% 99% 99.9%

Latency After SD-WAN Implementation (ms)

SD-WAN Link Health Status

Secure SD-WAN Report (by ADM_Fortinet) - FortiAnalyzer Nome do Host: FMG-MPPA

SD-WAN Link Quality

Link Quality Status Summary

Packet Loss by WAN Link Over Time

Performance SLA by WAN Link

SLA Rules Link Percentage Within Jitter Threshold

SLA Rules Link Percentage Within Packet Loss Threshold

Latency by SLA Rule Over Time (ms)

88.5% INTERNET_SEDE (198.30 MB)

224MB 6.46% INTERNET_MPPA (14.47 MB)

Secure SD-WAN Report (by ADM_Fortinet) - FortiAnalyzer Nome do Host: FMG-MPPA

38.58% SSL (86.44 MB)

SD-WAN Top Applications by Traffic Volume and Session

0 15MB 30MB 45MB 60MB 75MB

SD-WAN Top Source by Application and Traffic Volume

You might also like