default schedule default 2014 06-26-000102
FortiGate System Analysis Report for Jun 25, 2014
FortiGate: fw_deltoromty
Bandwidth and Applications
Bandwidth Usage for Past 24 Hours
[Chart: y-axis Bandwidth (bit/s); x-axis hour of day; series In, Out]
Number of Sessions for Past 24 Hours
[Chart: y-axis Sessions; x-axis hour of day]
Top Users by Bandwidth Usage
User IP Sent Recv
192.168.0.138 192.168.0.138 1.6 GB
192.168.0.248 192.168.0.248 1.2 GB
192.168.0.189 192.168.0.189 971.3 MB
192.168.0.75 192.168.0.75 942.2 MB
192.168.0.143 192.168.0.143 938.2 MB
192.168.0.195 192.168.0.195 751.1 MB
192.168.0.15 192.168.0.15 676.3 MB
192.168.0.156 192.168.0.156 618.8 MB
192.168.0.72 192.168.0.72 576.6 MB
192.168.0.245 192.168.0.245 511.1 MB
Top Users by Sessions
User IP Sessions
192.168.0.5 192.168.0.5 12.6 K
192.168.0.104 192.168.0.104 6.4 K
192.168.0.246 192.168.0.246 6.3 K
192.168.0.107 192.168.0.107 5.3 K
192.168.0.167 192.168.0.167 4.5 K
192.168.0.248 192.168.0.248 4.1 K
192.168.0.103 192.168.0.103 3.0 K
192.168.0.142 192.168.0.142 2.8 K
192.168.0.118 192.168.0.118 2.8 K
192.168.0.84 192.168.0.84 2.5 K
Top Applications by Bandwidth Usage
Application Sent Recv
YouTube 3.8 GB
HTTP.Video 3.7 GB
HTTP 2.5 GB
HTTP.Audio 1.9 GB
Gmail 677.1 MB
POP3S 663.1 MB
MS.Windows.Update 401.4 MB
Ultrasurf_9.6+ 327.7 MB
HTTP.Download.Accelerator 89.2 MB
Facebook 79.8 MB
Top Applications by Sessions
Application Sessions
HTTP 71.8 K
POP3S 22.1 K
Twitter 4.1 K
Gmail 3.9 K
YouTube 3.6 K
Skype 3.6 K
MS.Windows.Update 2.8 K
DNS 800
HTTP.Video 796
Hotmail 746
Top Destinations by Bandwidth Usage
googlevideo.com (7.8 GB)
youtube.com (808.6 MB)
gmail.com (744.1 MB)
google.com (724.9 MB)
akamaihd.net (614.9 MB)
microsoft.com (545.8 MB)
yac.mx (432.4 MB)
windowsupdate.com (361.2 MB)
ytimg.com (110.0 MB)
pinimg.com (95.9 MB)
Top Destinations by Sessions
gmail.com (21.8 K)
it-finance.com (13.9 K)
google.com (5.1 K)
twitter.com (4.2 K)
terra.com.mx (3.8 K)
doubleclick.net (3.1 K)
googlevideo.com (2.7 K)
microsoft.com (2.6 K)
youtube.com (2.1 K)
googlesyndication.com (1.8 K)
Fortinet Inc. All rights reserved 1
DHCP Summary
Interface Allocated / Available New Clients Count
Top Wifi Client by Bandwidth
IP SSID MAC Sent Recv
Number of Active Users for Past 24 Hours
[Chart: y-axis Active Users; x-axis hour of day]
Web Usage
Top Allowed Websites by Requests
Website Requests
it-finance.com 13.9 K
terra.com.mx 3.8 K
doubleclick.net 3.1 K
googlevideo.com 2.7 K
googlesyndication.com 1.9 K
ytimg.com 1.6 K
msn.com 1.6 K
youtube.com 1.4 K
info7.mx 1.4 K
ooyala.com 1.3 K
Top Websites by Bandwidth
Website Sent Recv
googlevideo.com 7.8 GB
akamaihd.net 615.0 MB
microsoft.com 508.4 MB
yac.mx 432.4 MB
windowsupdate.com 361.2 MB
ytimg.com 110.0 MB
pinimg.com 95.9 MB
info7.mx 86.1 MB
andrea.com 83.2 MB
googlesyndication.com 64.3 MB
Top Blocked Websites by Requests
Website Requests
crwdcntrl.net 126
kalooga.com 39
m2pub.com 36
dalealplay.com 27
txtsrving.info 25
beforeitsnews.com 22
adroll.com 17
frogupdate.com 11
stgbssint.com 11
infolinks.com 10
Top Blocked Users
User(or IP) Hostname(MAC) Requests
192.168.0.246 2c:27:d7:1c:39:a5 122
192.168.0.15 60:67:20:a0:ec:04 45
192.168.0.127 d4:85:64:03:bf:ad 36
192.168.0.220 d4:85:64:03:bf:24 29
192.168.0.118 d4:85:64:03:bf:51 18
192.168.0.134 d4:85:64:03:bf:82 16
192.168.0.248 d4:85:64:03:bf:a8 16
192.168.0.167 00:26:82:cb:bd:a2 15
192.168.0.249 20:10:7a:23:42:0b 14
192.168.0.86 00:26:82:cb:bd:9b 14
Top Web Users by Requests
User(or IP) Hostname(MAC) Requests
192.168.0.5 d4:85:64:03:bf:f8 12.6 K
192.168.0.104 d4:85:64:03:be:ca 6.0 K
192.168.0.246 2c:27:d7:1c:39:a5 5.9 K
192.168.0.107 2c:27:d7:36:58:fd 4.2 K
192.168.0.248 d4:85:64:03:bf:a8 3.9 K
192.168.0.167 00:26:82:cb:bd:a2 3.2 K
192.168.0.103 d4:85:64:03:bf:b7 2.9 K
192.168.0.142 d4:85:64:03:bf:17 2.4 K
192.168.0.84 00:21:85:9c:af:44 2.3 K
192.168.0.85 10:60:4b:80:5c:b6 2.2 K
Average Usage of Top 10 4.6 K
Top Web Users by Bandwidth
User(or IP) Hostname(Mac) Sent Recv
192.168.0.138 1c:c1:de:a1:ed:d7 1.6 GB
192.168.0.248 d4:85:64:03:bf:a8 1.2 GB
192.168.0.189 b8:a3:86:8e:59:ec 971.2 MB
192.168.0.143 d4:85:64:03:bf:16 922.1 MB
192.168.0.75 00:25:ab:1e:cb:4c 914.0 MB
192.168.0.15 60:67:20:a0:ec:04 671.6 MB
192.168.0.156 d4:85:64:03:bf:6b 613.3 MB
192.168.0.72 40:f0:2f:c5:69:8c 575.5 MB
192.168.0.245 d4:85:64:03:bf:72 453.5 MB
192.168.0.142 d4:85:64:03:bf:17 436.5 MB
Average Usage of Top 10 836.0 MB
Top Web Streaming Websites by Bandwidth
% Website Sent Recv
45.3% youtube.com 53.6 M
22.2% msn.com 26.3 M
15.6% savefrom.net 18.5 M
7.2% thestaticvube.com 8.5 M
3.0% netflix.com 3.6 M
6.8% others 8.1 M
Emails
Top Senders by Number of Emails
Sender Number of Emails
Top Email Senders by Bandwidth
Sender Bandwidth
Top Recipients by Number of Emails
Recipient Number of Emails
Top Email Recipients by Bandwidth
Recipient Bandwidth
Threats
Top Viruses by Name
Virus Name Occurrence
Top Virus Victims
Virus Victim Occurrence
Top Attack Sources
% Attack Source Occurrence
27.0% 199.66.238.110 10
24.3% 192.168.0.37 9
24.3% 199.66.238.111 9
24.3% 199.66.238.112 9
Top Attack Victims
% Attack Victim Occurrence
75.7% 192.168.0.37 28
8.1% 199.66.238.110 3
8.1% 199.66.238.111 3
8.1% 199.66.238.112 3
VPN Usage
Top Site-to-Site IPSec Tunnels by Bandwidth
Tunnel Sent Recv
Top Dial-Up IPSec Tunnels by Bandwidth
User Tunnel Sent Recv
Top SSL-VPN Tunnel Users by Bandwidth
User IP Sent Recv
Top SSL-VPN Web Mode Users by Bandwidth
User IP Sent Recv
Top Dial Up Users
User Type Duration (Sec) Sent Recv
VPN Traffic Usage Trend
[Chart: y-axis Bandwidth (bit/s); x-axis hour of day; series SSL Out, SSL In, IPSec Out, IPSec In]
Admin Login and System Events
Admin Login Summary (legend: Config Changed, Config Not Changed)
Date/Time User Name Login Interface Duration
06/24 16:12 admin https(192.168.0.78) 08h 21m 31s
System Activity Summary
Date/Time Event
06/25 22:16 Disk log has rolled.
06/25 18:12 Completed reputation db maintenance
06/25 17:33 Administrator admin logged in successfully from https(192.168.0.137
06/25 16:13 Disk log has rolled.
06/25 16:06 The ntp daemon step adjusted time from Wed Jun 25 16:06:48 2014
06/25 15:20 Disk log has rolled.
06/25 13:33 Log upload to FortiCloud completed on vdom root
06/25 13:20 Start uploading disk logs to FortiCloud from vdom root.
06/25 11:26 Disk log has rolled.
06/25 07:55 Disk log has rolled.
06/25 06:12 Completed reputation db maintenance
06/25 02:00 Fortigate scheduled update virdb(22.00381) etdb(22.00381) idsdb(4.
06/25 00:33 Administrator admin timed out on https(192.168.0.78)
06/25 00:33 Configuration is changed in the admin session
06/25 00:00 Disk log roll request has been sent.
Appendix A - Individual Report for 1st Highest User: 192.168.0.138 Usage: 1.6 GB IP: 192.168.0.138 Device:
Traffic Summary
Total Number of Bytes 1.6 GB
1.5 GB in 53.2 MB out
Total Number of Sessions 1.4 K
Top 5 Destinations
Destination Bandwidth APP
googlevideo.com 986.5 MB HTTP.Video
googlevideo.com 521.6 MB HTTP.Audio
googlevideo.com 36.6 MB YouTube
ytimg.com 14.9 MB HTTP
gmail.com 10.1 MB POP3S
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
googlevideo.com 265
ytimg.com 163
youtube.com 136
doubleclick.net 122
google.com 46
Top 10 Blocked Sites
Host Name Number of Visits
crwdcntrl.net 2
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
HTTP.Video (990.6 MB)
HTTP.Audio (521.6 MB)
YouTube (44.8 MB)
HTTP (26.9 MB)
POP3S (10.2 MB)
Top 5 Applications by Sessions
HTTP (664)
Twitter (312)
YouTube (183)
HTTP.Video (147)
HTTP.Audio (87)
Appendix B - Individual Report for 2nd Highest User: 192.168.0.248 Usage: 1.2 GB IP: 192.168.0.248 Device:
Traffic Summary
Total Number of Bytes 1.2 GB
1.1 GB in 39.1 MB out
Total Number of Sessions 3.9 K
Top 5 Destinations
Destination Bandwidth APP
googlevideo.com 891.9 MB YouTube
akamaihd.net 233.1 MB HTTP.Video
mediotiempo.com 12.3 MB HTTP
ytimg.com 10.3 MB HTTP
serving-sys.com 9.7 MB HTTP
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
googlevideo.com 723
serving-sys.com 269
outbrain.com 231
gigya.com 190
mediotiempo.com 188
Top 10 Blocked Sites
Host Name Number of Visits
infolinks.com 7
m2pub.com 6
crwdcntrl.net 1
mathtag.com 1
singlessalad.com 1
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
YouTube (893.6 MB)
HTTP.Video (250.6 MB)
HTTP (68.4 MB)
Ooyala (1.7 MB)
Twitter (881.8 KB)
Top 5 Applications by Sessions
HTTP (2.9 K)
YouTube (799)
Twitter (167)
POP3S (53)
MS.Windows.Update (45)
Appendix C - Individual Report for 3rd Highest User: 192.168.0.189 Usage: 971.3 MB IP: 192.168.0.189 Device:
Traffic Summary
Total Number of Bytes 971.3 MB
946.3 MB in 25.0 MB out
Total Number of Sessions 1.2 K
Top 5 Destinations
Destination Bandwidth APP
googlevideo.com 936.2 MB YouTube
ytimg.com 14.7 MB HTTP
viva-images.com 7.3 MB HTTP
youtube.com 3.7 MB YouTube
googlesyndicatio 1.6 MB HTTP
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
ytimg.com 285
googlevideo.com 256
youtube.com 136
doubleclick.net 109
gstatic.com 72
Top 10 Blocked Sites
Host Name Number of Visits
putaslocuras.com 2
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
YouTube (939.9 MB)
HTTP (29.6 MB)
HTTP.Video (1.5 MB)
MS.Windows.Update (186.6 KB)
Google.Search_Never (132.5 KB)
Top 5 Applications by Sessions
HTTP (763)
YouTube (369)
HTTP.Video (39)
MS.Windows.Update (8)
Google.Search_Never.Insta (4)
Appendix D - Individual Report for 4th Highest User: 192.168.0.75 Usage: 941.6 MB IP: 192.168.0.75 Device:
Traffic Summary
Total Number of Bytes 941.6 MB
901.9 MB in 39.6 MB out
Total Number of Sessions 727
Top 5 Destinations
Destination Bandwidth APP
googlevideo.com 557.8 MB HTTP.Audio
googlevideo.com 345.2 MB HTTP.Video
live.com 14.6 MB Hotmail
snt149.afx.ms 12.1 MB Hotmail
youtube.com 4.5 MB YouTube
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
googlevideo.com 220
trafficmanager.net 119
youtube.com 118
doubleclick.net 102
bing.com 89
Top 10 Blocked Sites
Host Name Number of Visits
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
HTTP.Audio (557.8 MB)
HTTP.Video (345.2 MB)
Hotmail (27.6 MB)
YouTube (5.5 MB)
HTTP (4.5 MB)
Top 5 Applications by Sessions
HTTP (447)
YouTube (153)
HTTP.Audio (110)
HTTP.Video (108)
Hotmail (40)
Appendix E - Individual Report for 5th Highest User: 192.168.0.143 Usage: 937.8 MB IP: 192.168.0.143 Device:
Traffic Summary
Total Number of Bytes 937.8 MB
906.7 MB in 31.0 MB out
Total Number of Sessions 1.1 K
Top 5 Destinations
Destination Bandwidth APP
googlevideo.com 643.1 MB HTTP.Video
googlevideo.com 237.9 MB HTTP.Audio
google.com 12.5 MB Gmail
bp.blogspot.com 8.8 MB Blogger
youtube.com 8.6 MB YouTube
Email Activity Summary
Number Bandwidth
0 0 0 B 0 B
Total Email Sent Total Email Received
Top 5 Email Recipients
Recipient Bandwidth
Top 5 Email Senders
Sender Bandwidth
Web Activity Summary
Top 10 Allowed Sites
Host Name Number of Visits
googlevideo.com 212
youtube.com 184
doubleclick.net 171
ytimg.com 125
googlesyndication.com 59
Top 10 Blocked Sites
Host Name Number of Visits
Threat Summary
Threat Name Type Counts
Application Summary
Top 5 Applications by Bandwidth
HTTP.Video (643.3 MB)
HTTP.Audio (237.9 MB)
HTTP (20.7 MB)
Gmail (12.5 MB)
YouTube (11.5 MB)
Top 5 Applications by Sessions
HTTP (586)
YouTube (214)
POP3S (189)
HTTP.Video (115)
HTTP.Audio (95)