Default

FortiGate System Analysis Report
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4

FortiGate: FG100D-CSL
Bandwidth and Applications
Bandwidth Usage for Past 7 Days
0K
100K
200K
300K
400K
500K
600K
700K
800K
900K
1000K
2
0
1
4
-
0
1
-
1
2
2
0
1
4
-
0
1
-
1
3
2
0
1
4
-
0
1
-
1
4
2
0
1
4
-
0
1
-
1
5
2
0
1
4
-
0
1
-
1
6
2
0
1
4
-
0
1
-
1
7
2
0
1
4
-
0
1
-
1
8
B
a
n
d
w
i
d
t
h

(
b
i
t
/
s
)
In Out
Number of Sessions for Past 7 Days
0K
2K
4K
6K
8K
10K
12K
14K
16K
18K
20K
2
0
1
4
-
0
1
-
1
2
2
0
1
4
-
0
1
-
1
3
2
0
1
4
-
0
1
-
1
4
2
0
1
4
-
0
1
-
1
5
2
0
1
4
-
0
1
-
1
6
2
0
1
4
-
0
1
-
1
7
2
0
1
4
-
0
1
-
1
8
S
e
s
s
i
o
n
s
Top Users by Bandwidth Usage
User IP Sent Received
192.168.25.54 192.168.25.54 2.8 GB
192.168.25.12 192.168.25.12 1.8 GB
192.168.25.22 192.168.25.22 1.4 GB
FSAYAGO 192.168.25.35 114.7 MB
ADMINISTRADO 192.168.25.18 113.3 MB
JMEDINA 192.168.25.38 105.6 MB
VRIONERO 192.168.25.40 91.5 MB
AMAIO 192.168.25.34 91.1 MB
OmasB 192.168.25.12 76.4 MB
armando gallo 192.168.25.54 53.8 MB
Top Users by Sessions
User IP Sessions
192.168.25.12 192.168.25.12 33.3 K
192.168.25.22 192.168.25.22 29.2 K
192.168.25.54 192.168.25.54 20.8 K
ADMINISTRADO 192.168.25.200 15.1 K
192.168.25.27 192.168.25.27 12.1 K
JMEDINA 192.168.25.38 5.3 K
LABORATORIO 192.168.25.42 3.8 K
LABORATORIO 192.168.25.23 3.2 K
TRIMAGENES 192.168.25.50 2.9 K
AMAIO 192.168.25.34 1.9 K
Top Applications by Bandwidth Usage
Application Sent Received
HTTP 3.1 GB
HTTPS 2.1 GB
IMAPS 990.9 MB
IMAP 761.9 MB
9988/tcp 42.1 MB
POP3 19.6 MB
587/tcp 17.6 MB
POP3S 15.5 MB
55653/udp 9.7 MB
5222/tcp 6.3 MB
Top Applications by Sessions
Application Sessions
HTTP 83.6 K
HTTPS 49.0 K
DNS 13.6 K
5938/tcp 799
IMAPS 758
3478/udp 756
5222/tcp 366
POP3 290
5223/tcp 226
5228/tcp 170
Top Destinations by Bandwidth Usage
200.74.222.100 (786.9 MB)
173.194.68.109 (681.2 MB)
173.194.68.108 (220.1 MB)
142.4.210.40 (169.8 MB)
201.248.76.13 (111.2 MB)
201.248.76.12 (111.1 MB)
23.15.5.206 (110.9 MB)
23.15.5.115 (106.7 MB)
23.15.5.213 (99.9 MB)
201.248.76.15 (94.2 MB)
Top Destinations by Sessions
200.44.32.12 (12.8 K)
190.9.128.216 (7.2 K)
200.58.111.148 (2.2 K)
142.4.210.40 (1.4 K)
microsoft.com (1.4 K)
93.184.216.139 (1.4 K)
windowsupdate.com (1.3 K)
108.59.5.129 (1.0 K)
95.211.37.197 (1.0 K)
verisign.com (936)
Fortinet Inc. All rights reserved 1
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Bandwidth and Applications
DHCP Summary
Interface Allocated / Available New Clients Count
Top Wifi Client by Bandwidth
IP SSID MAC Sent Received
Number of Active Users for Past 7 Days
0
2
4
6
8
10
12
14
16
18
20
2
0
1
4
-
0
1
-
1
2
2
0
1
4
-
0
1
-
1
3
2
0
1
4
-
0
1
-
1
4
2
0
1
4
-
0
1
-
1
5
2
0
1
4
-
0
1
-
1
6
2
0
1
4
-
0
1
-
1
7
2
0
1
4
-
0
1
-
1
8
A
c
t
i
v
e

U
s
e
r
s
Web Usage
Top Allowed Websites by Requests
Website Requests
Top Websites by Bandwidth
Website Sent Received
megaapi.com 3.7 MB
microsoft.com 3.1 MB
csleon.com 3.0 MB
windowsupdate.com 2.8 MB
twitter.com 2.3 MB
samsung.com 2.2 MB
verisign.com 2.0 MB
lapatilla.com 1.2 MB
geotrust.com 1019.1 KB
google.com 848.8 KB
Top Blocked Websites by Requests
Website Requests
microsoft.com 1.4 K
windowsupdate.com 1.3 K
verisign.com 936
megaapi.com 935
geotrust.com 478
adobe.com 360
sanasecurity.com 324
digicert.com 270
facebook.net 242
public-trust.com 236
Top Blocked Users
User(or IP) Hostname(MAC) Requests
TRIMAGENES PSL0031 1.8 K
JMEDINA PSL0046 1.3 K
ETORO PSL0049 838
CAZOCAR PSL0020 570
LABORATORIO c8:9c:dc:f9:5a:85 410
GGRATEROL PSL0030 406
LABORATORIO PSL0047 318
ETORO PSL0032 231
JTRUJILLO PSL0073 222
CAZOCAR PSL0073 209
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Web Usage
Top Web Users by Requests
User(or IP) Hostname(MAC) Requests
TRIMAGENES PSL0031 1.8 K
JMEDINA PSL0046 1.3 K
ETORO PSL0049 838
CAZOCAR PSL0020 570
LABORATORIO c8:9c:dc:f9:5a:85 410
GGRATEROL PSL0030 406
LABORATORIO PSL0047 318
ETORO PSL0032 231
JTRUJILLO PSL0073 222
CAZOCAR PSL0073 209
Average Usage of Top 10 623
Top Web Users by Bandwidth
User(or IP) Hostname(Mac) Sent Received
JMEDINA PSL0046 7.3 MB
TRIMAGENES PSL0031 3.8 MB
VRIONERO PSL0075 2.6 MB
AMAIO psl0056 2.6 MB
ETORO PSL0049 1.8 MB
CAZOCAR PSL0020 1.2 MB
LABORATORIO c8:9c:dc:f9:5a:85 980.4 KB
GGRATEROL PSL0030 882.0 KB
LABORATORIO PSL0047 720.2 KB
ana maio psl0056 602.2 KB
Average Usage of Top 10 2.3 MB
Top Web Streaming Websites by Bandwidth
% Website Sent Received
95.3% megaapi.com 3.9 M
4.6% youtube.com 188.3 K
0.1% farolatino.com 4.3 K
Emails
Top Senders by Number of Emails
Sender Number of Emails
Top Email Senders by Bandwidth
Sender Bandwidth
Top Recipients by Number of Emails
Recipient Number of Emails
Top Email Recipients by Bandwidth
Recipient Bandwidth
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Threats
Top Viruses by Name
Virus Name Occurrence
oversize 5
av-error 2
Top Virus Victims
Virus Victim Occurrence
CAZOCAR 2
FSAYAGO 1
JMEDINA 1
OmasB 1
RLADERA 1
VRIONERO 1
Top Attack Sources
Top Attack Victims
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
VPN Usage
Top Site-to-Site IPSec Tunnels by Bandwidth
Tunnel Sent Received
Top Dial-Up IPSec Tunnels by Bandwidth
User Tunnel Sent Received
Top SSL-VPN Tunnel Users by Bandwidth
Top SSL-VPN Web Mode Users by Bandwidth
Top Dial Up Users
User Type Duration (Sec) Sent Received
VPN Traffic Usage Trend
0
1
2
3
4
5
6
7
8
9
10
2
0
1
4
-
0
1
-
1
2
2
0
1
4
-
0
1
-
1
3
2
0
1
4
-
0
1
-
1
4
2
0
1
4
-
0
1
-
1
5
2
0
1
4
-
0
1
-
1
6
2
0
1
4
-
0
1
-
1
7
2
0
1
4
-
0
1
-
1
8
B
a
n
d
w
i
d
t
h

(
b
i
t
/
s
)
SSL Out SSL In IPSec Out IPSec In
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Admin Login and System Events
Admin Login Summary
=Config Changed =Config Not Changed
Date/Time User Name Login Interface Duration Date/Time User Name Login Interface Duration
01/13 09:48 admin https(192.168.25.240) 01h 05m 13s
System Activity Summary
Date/Time Event Date/Time Event
01/13 11:12 Edit log.eventfilter
01/13 11:11 Administrator admin logged in successfully from https(192.168.25.24
01/13 10:53 Administrator admin timed out on https(192.168.25.240)
01/13 10:53 Configuration is changed in the admin session
01/13 10:30 Edit system.dns
01/13 10:29 unable to resolve FortiGuard hostname
01/13 10:16 debug log file has been downloaded by user admin via GUI(192.168.
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix A - Individual Report for 1st Highest User: 192.168.25.54 Usage: 2.8 GB IP: 192.168.25.54 Device: Armando
Traffic Summary
Total Number of Sessions 20.8 K
Total Number of Bytes
2.8 GB
2.5 GB in 293.2 MB out
Top 5 Destinations
Destination Number of Sessions APP
142.4.210.40 1.4 K HTTPS
216.38.56.140 446 HTTP
199.16.156.52 408 HTTPS
141.101.113.240 310 HTTP
199.16.156.201 303 HTTPS
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
Top 10 Blocked Sites
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
IMAPS (981.1 MB)
IMAP (761.9 MB)
HTTPS (551.7 MB)
HTTP (535.8 MB)
587/tcp (11.0 MB)
Top 5 Applications by Sessions
HTTP (11.9 K)
HTTPS (7.4 K)
3478/udp (756)
IMAPS (348)
IMAP (107)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix B - Individual Report for 2nd Highest User: 192.168.25.12 Usage: 1.8 GB IP: 192.168.25.12 Device:
Traffic Summary
1.8 GB
Top 5 Destinations
31.13.73.129 276 HTTPS
64.212.73.123 241 HTTP
118.214.160.11 221 HTTP
72.21.91.19 207 HTTP
118.214.160.32 192 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Threat Summary
oversize 1
Application Summary
HTTP (921.8 MB)
HTTPS (882.3 MB)
IMAPS (2.7 MB)
5222/tcp (2.1 MB)
5223/tcp (959.9 KB)
HTTPS (17.8 K)
HTTP (14.6 K)
5223/tcp (204)
5222/tcp (195)
IMAPS (103)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix C - Individual Report for 3rd Highest User: 192.168.25.22 Usage: 1.4 GB IP: 192.168.25.22 Device: Realtek
Traffic Summary
1.4 GB
Top 5 Destinations
93.184.216.139 314 HTTPS
152.186.37.251 279 HTTP
200.6.158.110 257 HTTP
217.212.243.186 249 HTTP
23.5.146.110 229 HTTPS
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Threat Summary
Application Summary
HTTPS (663.3 MB)
HTTP (652.3 MB)
9988/tcp (42.1 MB)
POP3S (15.5 MB)
55653/udp (9.7 MB)
HTTP (14.3 K)
HTTPS (14.2 K)
IMAPS (307)
POP3S (156)
5222/tcp (89)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix D - Individual Report for 4th Highest User: FSAYAGO Usage: 115.1 MB IP: 192.168.25.35 Device: PSL0037
Traffic Summary
115.1 MB
107.2 MB in 7.9 MB out
Top 5 Destinations
67.228.72.131 112 HTTP
50.18.117.100 104 HTTP
23.5.148.163 89 HTTP
190.15.178.212 85 HTTP
msn.com 52 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
msn.com 52
Threat Summary
oversize 1
Application Summary
HTTP (97.9 MB)
POP3 (13.7 MB)
HTTPS (3.1 MB)
26/tcp (11.2 KB)
HTTP (1.4 K)
HTTPS (125)
POP3 (9)
26/tcp (2)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix E - Individual Report for 5th Highest User: ADMINISTRADOR Usage: 183.7 MB IP: 192.168.25.240 Device:
Traffic Summary
183.7 MB
165.6 MB in 18.1 MB out
Top 5 Destinations
200.44.32.12 12.5 K DNS
8.8.8.8 663 DNS
157.238.195.220 156 HTTP
200.58.111.148 106 HTTP
190.9.128.216 96 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Threat Summary
Application Summary
HTTP (150.1 MB)
HTTPS (29.5 MB)
DNS (3.0 MB)
5222/tcp (734.1 KB)
32000/tcp (218.6 KB)
DNS (13.2 K)
HTTPS (1.7 K)
HTTP (1.0 K)
32000/tcp (18)
5222/tcp (5)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix F - Individual Report for 6th Highest User: JMEDINA Usage: 105.6 MB IP: 192.168.25.38 Device: PSL0046
Traffic Summary
105.6 MB
Top 5 Destinations
megaapi.com 934 HTTP
23.15.5.197 505 HTTP
23.15.5.207 452 HTTP
216.33.197.90 375 HTTP
216.33.196.90 272 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
megaapi.com 934
facebook.net 200
google.com 72
twitter.com 24
youtube.com 20
Threat Summary
oversize 1
Application Summary
HTTP (97.6 MB)
HTTPS (7.3 MB)
8008/tcp (665.3 KB)
5222/tcp (124.2 KB)
DNS (8.9 KB)
HTTP (5.0 K)
HTTPS (273)
8008/tcp (52)
DNS (39)
5222/tcp (16)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix G - Individual Report for 7th Highest User: VRIONERO Usage: 91.5 MB IP: 192.168.25.40 Device: PSL0075
Traffic Summary
Total Number of Sessions 992
91.5 MB
Top 5 Destinations
141.101.123.240 104 HTTP
141.101.113.240 100 HTTP
74.125.229.186 57 HTTP
twitter.com 56 HTTP
23.23.149.79 37 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
twitter.com 56
lapatilla.com 32
sharethis.com 31
alostream.com 20
facebook.net 4
Threat Summary
av-error 1
Application Summary
HTTP (91.5 MB)
HTTP (992)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix H - Individual Report for 8th Highest User: AMAIO Usage: 97.3 MB IP: 192.168.25.34 Device: psl0056
Traffic Summary
97.3 MB
Top 5 Destinations
200.58.111.148 266 HTTP
google.com 72 HTTP
200.74.222.100 70 POP3
204.79.197.200 66 HTTP
23.15.5.197 47 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
google.com 72
csleon.com 41
facebook.net 5
jnj.com 5
facebook.com 3
Threat Summary
Application Summary
HTTP (81.6 MB)
HTTPS (14.0 MB)
POP3 (1.5 MB)
26/tcp (90.1 KB)
5222/tcp (30.6 KB)
HTTP (1.6 K)
HTTPS (338)
POP3 (70)
26/tcp (3)
8008/tcp (2)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix I - Individual Report for 9th Highest User: OmasB Usage: 76.4 MB IP: 192.168.25.12 Device:
Traffic Summary
Total Number of Sessions 651
76.4 MB
Top 5 Destinations
107.21.122.36 17 HTTP
google.com 17 HTTP
118.214.160.33 16 HTTP
77.234.42.66 16 HTTP
23.0.90.82 14 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
google.com 17
sharethis.com 13
youtube.com 12
logitech.com 4
twitter.com 2
Threat Summary
oversize 1
Application Summary
HTTP (76.4 MB)
HTTP (651)
for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4
Appendix J - Individual Report for 10th Highest User: armando gallo Usage: 79.9 MB IP: 192.168.25.5 Device: android-bda8576acd96b
Traffic Summary
79.9 MB
Top 5 Destinations
63.116.58.124 146 HTTP
108.160.162.40 113 HTTP
108.160.163.43 110 HTTP
216.38.56.140 74 HTTP
50.22.11.30 71 HTTP
Number Bandwidth
0 0 0 B 0 B
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
ivoox.com 18
google.com 6
alostream.com 1
Threat Summary
Application Summary
HTTP (79.9 MB)
HTTP (2.8 K)

Default

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Default

Hochgeladen von

Copyright:

Verfügbare Formate

FortiGate System Analysis Report

for 2014-01-11 23:30 -- 2014-01-18 23:29 GMT-4

Das könnte Ihnen auch gefallen