FortiGate Daily Security Report

Report Date: 2019-06-15

Data Range: Jun 14, 2019 (PIEP-PJ11-FW1)

Fortinet Inc. All Rights Reserved. Created on Jun 15,2019 00:01


Table of Contents

Bandwidth and Applications
  Bandwidth
  Number of Sessions
  Traffic Statistics
  Top Applications by Bandwidth
  Top Application Categories by Bandwidth
  Top Users by Bandwidth
  Number of Active Users
  Top Destinations by Bandwidth

Web Usage
  Top Allowed Websites
  Top Websites by Bandwidth
  Top Blocked Websites
  Top Users by Blocked Requests
  Top Users by Requests
  Top Users by Bandwidth
  Top Video Streaming Web Sites by Bandwidth

Emails
  Top Senders by Number of Emails
  Top Senders by Combined Email Size
  Top Recipients by Number of Emails
  Top Recipients by Combined Email Size

Threats
  Malware Detected
  Malware Victims
  Malware Sources
  Malware History
  Botnet Detected
  Botnet Victims
  Botnet C&C
  Botnet History
  Intrusions Detected
  Intrusion Victims
  Intrusion Sources
  Intrusions Blocked
  Intrusions By Severity
  Intrusion History

VPN Usage
  Site-to-Site IPSec Tunnels by Bandwidth
  Client-to-Site IPSec Tunnels by Bandwidth
  SSL-VPN Tunnel Users by Bandwidth
  SSL-VPN Web Mode Users by Bandwidth

Admin Login and System Events
  Admin Login Summary
  List of Failed Logins
  System Events

FortiGate Daily Security Report - Host Name: PIEP-PJ11-FW1

Bandwidth and Applications

Bandwidth
[Chart: Bandwidth (bit/s) by hour, 00:00 to 23:00; series: Traffic Out, Traffic In]

Number of Sessions
[Chart: Sessions by hour, 00:00 to 23:00]

Traffic Statistics
Summary Stats
Total Sessions 21.1 K
Total Bytes In: 724.5 MB Out: 546.4 MB
Average Sessions Per Hour 878
Average Bytes Per Hour In: 30.2 MB Out: 22.8 MB
Most Active Hour By Sessions 2019-06-14 21:00
Total Users 45
Total Applications 62
Total Destinations 390

Top Applications by Bandwidth


Application                Traffic Out / Traffic In   Sessions
SSL                        920.6 MB                   2.1 K
HTTPS.BROWSER              269.8 MB                   6.8 K
HTTP.BROWSER               29.1 MB                    2.3 K
Microsoft.Portal           14.6 MB                    2.1 K
HTTP.Download.Accelerator  12.9 MB                    1
AnyDesk                    4.3 MB                     1.3 K
Google.Ads                 4.1 MB                     98
MS.Windows.Update          2.4 MB                     1.9 K
WhatsApp                   2.3 MB                     27
YouTube                    1.8 MB                     10

Top Application Categories by Bandwidth


Application Category  Traffic Out / Traffic In   Sessions
Network.Service       921.1 MB                   2.7 K
Web.Client            298.9 MB                   9.1 K
General.Interest      19.8 MB                    619
Collaboration         17.5 MB                    2.2 K
Remote.Access         4.3 MB                     1.3 K
Update                4.3 MB                     5.0 K
Video/Audio           1.8 MB                     10
Email                 909.4 KB                   6
Business              700.7 KB                   36
Social.Media          666.8 KB                   57

Top Users by Bandwidth
User           Host                       Traffic Out / Traffic In   Sessions
10.3.82.104    PIEP15CG8151629            469.2 MB                   716
10.3.82.103    PIEP25CG8142R39            297.9 MB                   848
10.3.92.124    PIEP15CG8151629            206.1 MB                   614
10.3.92.3      HUAWEI_nova_2i-b59501e6f3  175.1 MB                   359
10.3.92.118    d4:61:da:ac:f0:29          44.6 MB                    288
10.3.84.98     PIEP04PRATOMO              23.1 MB                    3.5 K
10.3.92.120    PIEP25CG8142R39            13.8 MB                    1.3 K
helmy.sutarto  10.3.85.64                 8.6 MB                     560
10.3.84.114    PND0265                    7.0 MB                     3.7 K
10.3.85.142    PIEP15CG8151629            6.1 MB                     1.8 K

Number of Active Users
[Chart: Active Users by hour, 00:00 to 23:00]

Top Destinations by Bandwidth
Hostname (or IP)   Traffic Out / Traffic In   Sessions
cbn.net.id         463.4 MB                   41
ooklaserver.net    444.9 MB                   86
gvt1.com           176.4 MB                   16
fg5h1e5819901262   48.8 MB                    7.4 K
pertamina.com      26.2 MB                    489
cdninstagram.com   22.9 MB                    48
detik.net.id       14.7 MB                    91
adcolony.com       12.8 MB                    12
google.com         4.4 MB                     821
anynet relay       4.3 MB                     1.3 K

Web Usage
Top Allowed Websites
Website Requests
No matching log data for this report

Top Websites by Bandwidth


Website          Traffic Out / Traffic In
anynet relay     4.3 MB
target.com       180.2 KB
walmart.com      63.7 KB
202.20.106.126   7.8 KB

Top Blocked Websites


Website Requests
anynet relay 1.3 K
target.com 26
walmart.com 10
202.20.106.126 2

Top Users by Blocked Requests


User(or IP) Hostname(MAC) Requests
helmy.sutarto PIEP25CG8142R39 1.3 K
10.3.82.104 PIEP15CG8151629 22
10.3.92.124 PIEP15CG8151629 4

Top Users by Requests


User(or IP) Hostname(MAC) Requests
helmy.sutarto PIEP25CG8142R39 1.3 K
10.3.82.104 PIEP15CG8151629 22
10.3.92.124 PIEP15CG8151629 4
Average Usage of Top 3 452

Top Users by Bandwidth


User(or IP)             Hostname(Mac)     Traffic Out / Traffic In
helmy.sutarto           PIEP25CG8142R39   4.4 MB
10.3.82.104             PIEP15CG8151629   150.5 KB
10.3.92.124             PIEP15CG8151629   25.5 KB
Average Usage of Top 3                    1.5 MB

Top Video Streaming Web Sites by Bandwidth

Emails
Top Senders by Number of Emails
Sender Number of Emails
No matching log data for this report

Top Senders by Combined Email Size


Sender Bandwidth
No matching log data for this report

Top Recipients by Number of Emails


Recipient Number of Emails
No matching log data for this report

Top Recipients by Combined Email Size


Recipient Bandwidth
No matching log data for this report

Threats
Malware Detected
# Malware Name Malware Type Occurrence
No matching log data for this report

Malware Victims
# Victim Occurrence
No matching log data for this report

Malware Sources
# Malware Source Host Name Counts
No matching log data for this report

Malware History
[Chart: # of Viruses by hour, 00:00 to 23:00]

Botnet Detected

# Botnet Name Counts


No matching log data for this report

Botnet Victims
# Victim Name Counts
No matching log data for this report

Botnet C&C
# C & C IP Host Name Counts
No matching log data for this report

Botnet History
[Chart: # of Botnet by hour, 00:00 to 23:00]

Intrusions Detected
# Intrusion Name Counts
1 unknown 12

Intrusion Victims
# Intrusion Victim Counts
1 54.192.151.41 11
2 54.192.151.68 1

Intrusion Sources
# Intrusion Source Counts
1 10.3.84.98 12

Intrusions Blocked
# Intrusion Name Counts
No matching log data for this report

Intrusions By Severity

% Severity Occurrence
100.0% info 12

Intrusion History
[Chart: # of Intrusions by hour, 00:00 to 23:00]

VPN Usage
Site-to-Site IPSec Tunnels by Bandwidth
# Tunnel Duration Traffic Out Traffic In
No matching log data for this report

Client-to-Site IPSec Tunnels by Bandwidth


# User Tunnel Duration Traffic Out Traffic In
No matching log data for this report

SSL-VPN Tunnel Users by Bandwidth


# User IP Traffic Out Traffic In
No matching log data for this report

SSL-VPN Web Mode Users by Bandwidth


# User IP Traffic Out Traffic In
No matching log data for this report

Admin Login and System Events
Admin Login Summary
#  User Name  Login Interface        Total # of Logins  Total # of Configuration Changes  Total Duration
1  admin      jsconsole              7                  0                                 01h 11m 31s
2  admin      https(139.255.99.18)   4                  3                                 01h 15m 55s
3  admin      https(172.16.10.10)    4                  2                                 07h 27m 48s
4  admin      https(182.0.210.11)    2                  1                                 07h 11m 10s
5  admin      console                1                  0                                 05m 41s
6  admin      ssh(169.254.0.2)       1                  0                                 23m 42s

List of Failed Logins


# User Name Login Interface # of Failed Logins
1 admin https(172.16.10.10) 1

System Events
#   Event Name (Description)                Severity  Counts
1   Configuration changed                             6
2   Admin login failed                                1
3   FortiGate update failed                           11
4   Heartbeat device interface down                   10
5   Virtual cluster member joined                     8
6   Virtual cluster member dead                       4
7   Device rebooted                                   2
8   Device shutdown                                   2
9   FortiGuard web filter license expired             1
10  FortiGuard hostname unresolvable                  101
11  Interface status changed                          337
12  Admin performed an action from GUI                2
13  Authentication error                              1
