
Executive report

2023-03-16 00:00:00 - 2023-03-31 23:59:59

Appliance:
SG210

Appliance key:
S2307662E2B8BCE

Firmware version:
SFOS 19.0.0 GA-Build317

Filter(s) applied while generating this report:


None

Server time : Tue Apr 25 12:43:09 PST 2023


SUMMARY

Applications & web

Users & data transfer
• User count : 0
• Total user data transfer : 0B

User applications
• Applications accessed : 8013
• High-risk applications accessed : 26
• App risk score (out of 5) : 1.31
• Blocked applications : 34
• Application data transfer : 2.99 TB

Web
• Web domains accessed : 39580
• Web domains blocked : 685
• Objectionable web domains accessed : 525
• Web data transfer : 2.38 TB
• Web virus : 1

Business applications
• Web server(s) count : 0
• Blocked web server requests : 0

Email
• Mails processed : 0
• Spam mails : 0
• Virus mails blocked : 0

Network & threats

VPN
• VPN connections : 0
• VPN traffic (L2TP,PPTP) : 0B

RED
• RED usage : 0B

Wireless
• Wireless AP count : 0
• SSID count : 0
• Max clients per SSID : 0
• Avg clients per SSID : 0

IPS
• Intrusion attacks : 1859
• Emergency + critical attacks : 1212

Advanced threat protection
• Host count : 6
• Threat count : 1
• Events : 8082

Web admin console logins
• Successful : 11
• Failed : 0

System
• System restarts : 3

Updates
• Firmware updates installed : 0
• Pattern updates installed : 133

Reports:

1. Applications & Web

Users
User threat quotient
Application categories
Applications
High-risk applications
Blocked applications
Web categories
Web category types
Objectionable web categories
Objectionable web domains
Web server domains
Blocked web server requests

2. Network & Threats

Intrusion attacks
Severity-wise attacks
Advanced threats
Users - ATP
Client health
Detailed view - client health
Security Heartbeat - ATP

3. Email

Mail traffic summary
Spam senders
Spam recipients
Mail virus

4. Resource Usage

CPU usage
Memory usage
Disk usage
Live users
Interface

Applications & Web

1.Users
USER NAME CLIENT TYPES DATA TRANSFER UPLOADED DOWNLOADED USED TIME

No record found

2.User threat quotient
USER RELATIVE THREAT SCORE

No record found

3.Application categories

CATEGORY HITS BYTES

Social Networking 1155748 844.82 GB

Infrastructure 10099972 751.92 GB

Streaming Media 291832 534.54 GB

Software Update 118008 161.35 GB

General Internet 1261321 150.71 GB

4.Applications

APPLICATION/PROTO:PORT RISK CATEGORY HITS BYTES

Facebook Website 3 Social Networking 686500 803.87 GB

Secure Socket Layer Protocol 1 Infrastructure 6484275 699.17 GB

Youtube Video Streaming 3 Streaming Media 146655 399 GB

Windows Update 3 Software Update 100423 141.21 GB

Zoom Meetings 3 Conferencing 30267 118.5 GB

5.High-risk applications

APPLICATION/PROTO:PORT RISK HITS BYTES

DNS over HTTPS 5 195920 3.34 GB

TOR Proxy 5 198 324.06 KB

ISAKMP VPN 5 104 121.06 KB

Torrent Clients P2P 5 11 114.98 KB

Proxifier Proxy 5 11 21.01 KB

6.Blocked applications

APPLICATION/PROTO:PORT RISK CATEGORY HITS

NetFlix Website 3 Streaming Media 124751

Torrent Clients P2P 5 P2P 40442

ISAKMP VPN 5 Proxy and Tunnel 38442

HTTPort Proxy 4 Proxy and Tunnel 9079

Manual Proxy Surfing 4 Proxy and Tunnel 7020

7.Web categories

CATEGORY CATEGORY TYPE HITS BYTES

Information Technology Acceptable 3975661 579 GB

Social Networking Unproductive 1477356 979.26 GB

Content Delivery Acceptable 1289048 163.01 GB

Search Engines Acceptable 934670 46.27 GB

General Business Acceptable 545448 43.85 GB

8.Web category types

CATEGORY TYPE HITS BYTES

Acceptable 7756785 921.35 GB

Unproductive 2758276 1.48 TB

Objectionable 9127 2.35 GB

Uncategorized 9013 1.54 GB

9.Objectionable web categories

CATEGORY DOMAIN COUNT HITS BYTES

Download Freeware & Shareware 202 3777 1.14 GB

Jobs Search 151 2277 705.09 MB

Gambling 44 2207 269.49 MB

Newly Registered Websites 68 465 209.11 MB

Professional & Workers Organizations 28 326 36.96 MB

10.Objectionable web domains

DOMAIN CATEGORY HITS BYTES

dl.google.com Download Freeware & Shareware 2179 688.55 MB

get-my-push.xyz Gambling 1812 10.47 MB

events.browsiprod.com Jobs Search 328 1.95 MB

sync.aralego.com Jobs Search 320 1.47 MB

app.cryinginkettle.com Newly Registered Websites 173 746.16 KB

11.Web server domains
WEB SERVER DOMAIN BYTES HITS

No record found

12.Blocked web server requests
BLOCKED REASON HITS

No record found

Network & Threats

13.Intrusion attacks

ATTACK HITS

MALWARE-CNC User-Agent known malicious user-agent string - Mirai 678

SCAN Zgrab Scanning Attempt Detected 438

PROTOCOL-ICMP Truncated ICMPv6 denial of service attempt 168

SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 CVE-2018-20062 Remote Code Execution 122

MALWARE-CNC Mirai Botnet Attack Attempt 111

14.Severity-wise attacks

SEVERITY HITS

Critical 1212

Moderate 562

Major 85

15.Advanced threats

THREAT HOST COUNT ORIGIN EVENTS

C2/Generic-A 6 IPS,DNS,Web 8082

16.Users - ATP

USER HOST COUNT THREAT COUNT EVENTS

Unidentified 6 1 8082

17.Client health

CLIENT HEALTH COUNT PERCENT

Green 39 95.12 %

Red 2 4.88 %

18.Detailed view - client health
HOST (SOURCE IP) HOST NAME HEALTH - LAST SEEN LAST HEALTH CHANGED

10.10.11.169 FAD-AO-NB1-CIT Red -

10.10.11.203 HRRMS-PC2 Red -

10.10.11.37 TIPS-PC3-JRM Green 2023-03-21 09:32:26

10.10.11.17 DESKTOP-J9BK86H Green -

10.10.11.176 PICTS-PC6-P739 Green -

19.Security Heartbeat - ATP
HOST (SOURCE IP) LOGIN USER PROCESS USER EXECUTABLE THREAT THREAT URL/IP EVENT LAST SEEN EVENTS

No record found

Email

20.Mail traffic summary
TRAFFIC MAIL COUNT PERCENT

No record found

21.Spam senders
SENDER MAIL COUNT PERCENT

No record found

22.Spam recipients
RECIPIENT MAIL COUNT PERCENT

No record found

23.Mail virus
VIRUS COUNT

No record found

Resource Usage

24.CPU usage
CPU MAX MIN AVERAGE

User 11.91% 4.57% 8.66%

SystemConfiguration 3.72% 1.75% 2.83%

Idle 93.68% 84.37% 88.50%

25.Memory usage
MEMORY MAX MIN AVERAGE

Free 4.82 GB 4.14 GB 4.39 GB

Used 3.43 GB 2.75 GB 3.18 GB

Total 7.57 GB 7.57 GB 7.57 GB

26.Disk usage
PARTITION MAX MIN AVERAGE

Signature 5.00% 0.07% 4.60%

Config 10.00% 0.13% 9.19%

Reports 80.97% 1.01% 72.55%

Temp 0.74% 0.01% 0.63%

27.Live users
LIVE USER MAX MIN AVERAGE

LiveUsers 0.00 0.00 0.00

28.Interface
PORT TRANSFER TYPE MAX MIN AVERAGE

GuestAP ReceivedKBits 0.0 0.0 0.0

GuestAP TransmittedKBits 0.0 0.0 0.0

PortE0 ReceivedKBits 0.0 0.0 0.0

PortE0 TransmittedKBits 0.0 0.0 0.0

PortE1 ReceivedKBits 0.0 0.0 0.0
