You are on page 1of 10

FortiGate System Analysis Report for Oct 30, 2013

FortiGate: FortiGate-Demo-140D

Bandwidth and Applications


In

Out

Number of Sessions for Past 24 Hours


500

270K

450

240K

400

210K

350

Sessions

300K

180K
150K
120K
90K

300
250
200
150
100

30K

50

0K

Top Users by Bandwidth Usage


User

Top Users by Sessions


Sent

IP

10.170.203.2

10.170.203.2

test user

101:101:101:101:10

test user

172.16.78.32

Received
1.1 GB

Sent

User

IP

Sessions

10.170.203.2

10.170.203.2

9.9 K

100.5 MB

test user

172.16.78.32

900 B

test user

101:101:101:101:10

test user

172.16.78.88

Top Applications by Bandwidth Usage


Application

00
:
01 00
:
02 00
:
03 00
:
04 00
:
05 00
:
06 00
:
07 00
:
08 00
:
09 00
:
10 00
:
11 00
:
12 00
:
13 00
:
14 00
:
15 00
:
16 00
:
17 00
:
18 00
:
19 00
:
20 00
:
21 00
:
22 00
:
23 00
:0
0

60K

00
:
01 00
:
02 00
:
03 00
:
04 00
:
05 00
:
06 00
:
07 00
:
08 00
:
09 00
:
10 00
:
11 00
:
12 00
:
13 00
:
14 00
:
15 00
:
16 00
:
17 00
:
18 00
:
19 00
:
20 00
:
21 00
:
22 00
:
23 00
:0
0

Bandwidth (bit/s)

Bandwidth Usage for Past 24 Hours

Top Applications by Sessions


Received

HTTP.Video

Application
1.1 GB

AIM

100.5 MB

Sessions

DNS

4.4 K

HTTP.BROWSER_Chrome

3.5 K

HTTP.BROWSER_Chrome

36.9 MB

HTTP

436

HTTP.BROWSER_IE

13.6 MB

SSL

374

SSL

4.0 MB

unknown

298

DNS

1.9 MB

MS.NetSend

178

HTTP.Executable

744.7 KB

HTTP.Video

163

MS.Windows.Update

544.4 KB

HTTP.BROWSER_IE

147

NetBIOS.Name.Service

254.4 KB

Fortiguard.Search

126

POP3S

235.2 KB

NetBIOS.Name.Service

118

Top Destinations by Bandwidth Usage

Fortinet Inc. All rights reserved

Top Destinations by Sessions

akamaihd.net (1.1 GB)

208.91.112.53 (3.9 K)

202:202:202:202:202: (100.5 MB)

10.170.203.255 (592)

turner.com (20.2 MB)

208.91.112.52 (562)

96.45.33.99 (11.0 MB)

turner.com (406)

ads.cnn.com (4.6 MB)

chartbeat.net (375)

www.cnn.com (3.1 MB)

data.cnn.com (311)

96.45.32.96 (1.7 MB)

www.cnn.com (304)

208.91.112.53 (1.6 MB)

ads.cnn.com (289)

data.cnn.com (1.1 MB)

akamaihd.net (166)

windowsupdate.com (937.0 KB)

8.27.235.254 (115)

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Bandwidth and Applications


DHCP Summary
Interface

Top Wifi Client by Bandwidth


Allocated /

Available

New Clients Count

STAFF-WIFI

0/253

SW-AP

0/253

SW-PHONES

0/253

IP

SSID

Sent

MAC

Received

10
9
8
7
6
5
4
3
2
1
0

00
:
01 00
:
02 00
:
03 00
:
04 00
:
05 00
:
06 00
:
07 00
:
08 00
:
09 00
:
10 00
:
11 00
:
12 00
:
13 00
:
14 00
:
15 00
:
16 00
:
17 00
:
18 00
:
19 00
:
20 00
:
21 00
:
22 00
:
23 00
:0
0

Active Users

Number of Active Users for Past 24 Hours

Web Usage
Top Allowed Websites by Requests
Website

Top Websites by Bandwidth


Requests

Sent

Website

Received

krxd.net

Top Blocked Websites by Requests


Website
krxd.net

Fortinet Inc. All rights reserved

168.2 KB

Top Blocked Users


Requests

User(or IP)
47

10.170.203.2

Hostname(MAC)
dell

Requests
47

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Web Usage
Top Web Users by Requests
User(or IP)

Top Web Users by Bandwidth

Hostname(MAC)

User(or IP)

Requests

10.170.203.2
dell
Average Usage of Top 1

47
47

Hostname(Mac)

Sent

10.170.203.2
dell
Average Usage of Top 1

Received
168.2 KB
168.2 KB

Top Web Streaming Websites by Bandwidth

Emails
Top Senders by Number of Emails
Sender

Top Email Senders by Bandwidth


Number of Emails

Top Recipients by Number of Emails


Recipient

Fortinet Inc. All rights reserved

Number of Emails

Sender

Bandwidth

Top Email Recipients by Bandwidth


Recipient

Bandwidth

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Threats
Top Viruses by Name
Virus Name

Top Virus Victims


Occurrence

Virus Victim

Occurrence

Top Attack Sources

%
100.0%

Attack Source

Occurrence

32.78.16.172

Top Attack Victims

%
100.0%

Fortinet Inc. All rights reserved

Attack Victim
32.1.1.1

Occurrence
1

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

VPN Usage
Top Site-to-Site IPSec Tunnels by Bandwidth
Sent

Tunnel

Top Dial-Up IPSec Tunnels by Bandwidth

Received

User

Top SSL-VPN Tunnel Users by Bandwidth


User

IP

Type

VPN-Demo

test user

vpn

1.1 GB
100.5 MB

Sent

Received

User

Sent

Sent

IP

VPN Traffic Usage Trend


Duration (Sec)

Received

Top SSL-VPN Web Mode Users by Bandwidth

Top Dial Up Users


User

Sent

Tunnel

10.170.203.2

SSL Out

SSL In

Received

IPSec Out

IPSec In

2000M

Received

1800M

Bandwidth (bit/s)

1600M
1400M
1200M
1000M
800M
600M
400M
200M

00
:
01 00
:
02 00
:
03 00
:
04 00
:
05 00
:
06 00
:
07 00
:
08 00
:
09 00
:
10 00
:
11 00
:
12 00
:
13 00
:
14 00
:
15 00
:
16 00
:
17 00
:
18 00
:
19 00
:
20 00
:
21 00
:
22 00
:
23 00
:0
0

0M

Fortinet Inc. All rights reserved

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Admin Login and System Events


Admin Login Summary
Date/Time

User Name

=Config Changed

Login Interface

Duration

Date/Time

User Name

Login Interface

=Config Not Changed

Duration

10/30 23:12

demo

https(125.18.132.99)

26m 46s

10/30 09:49

demo

https(189.106.237.228)

34m 02s

10/30 22:55

demo

https(113.33.180.14)

12m 28s

10/30 09:49

demo

jsconsole

35m 45s

10/30 22:36

demo

https(125.18.132.99)

32m 02s

10/30 09:37

demo

https(187.15.38.187)

30m 27s

10/30 22:28

demo

https(120.63.162.164)

30m 14s

10/30 09:32

demo

https(201.155.121.237)

37m 17s

10/30 22:10

demo

https(190.40.162.140)

31m 23s

10/30 09:30

demo

https(201.155.121.237)

31m 33s

10/30 21:48

demo

https(182.71.149.18)

37m 41s

10/30 09:27

demo

https(200.5.230.123)

57m 22s

10/30 21:36

demo

https(125.18.132.99)

30m 16s

10/30 09:26

demo

https(177.97.125.45)

47m 45s

10/30 21:06

demo

https(190.134.113.95)

31m 38s

10/30 09:23

demo

https(92.79.61.254)

30m 20s

10/30 21:04

demo

https(218.188.7.198)

44m 53s

10/30 09:20

demo

https(92.79.61.254)

01h 23m 26s

10/30 20:07

demo

https(61.8.64.165)

06m 27s

10/30 09:15

demo

https(82.159.137.2)

01h 04m 49s

10/30 18:45

demo

https(121.97.68.162)

33m 43s

10/30 09:10

demo

https(216.120.213.99)

42m 03s

10/30 18:29

demo

https(203.206.220.46)

35m 25s

10/30 09:05

demo

https(62.99.69.194)

33m 45s

10/30 18:04

demo

https(187.163.97.105)

37m 24s

10/30 09:00

demo

https(84.91.3.242)

34m 19s

10/30 17:54

demo

https(203.213.6.46)

01h 04m 40s

10/30 08:47

demo

https(186.67.11.50)

58m 01s

10/30 17:14

demo

https(197.35.195.108)

45m 22s

10/30 08:46

demo

https(80.50.145.10)

31m 08s

10/30 17:03

demo

https(184.167.50.100)

35m 10s

10/30 08:41

demo

https(178.254.133.67)

36m 40s

10/30 16:19

demo

https(187.28.2.82)

04m 13s

10/30 08:38

demo

https(162.39.14.193)

32m 41s

10/30 16:04

demo

https(190.166.252.66)

23m 49s

10/30 08:38

demo

https(69.113.139.36)

35m 12s

10/30 15:17

demo

https(181.255.4.242)

46m 34s

10/30 08:32

demo

https(217.111.193.242)

30m 27s

10/30 15:01

demo

https(201.48.90.43)

49m 14s

10/30 08:31

demo

https(63.243.33.65)

32m 51s

10/30 14:58

demo

https(190.166.252.66)

01h 01m 53s

10/30 08:31

demo

https(41.251.145.190)

32m 20s

10/30 14:52

demo

https(186.67.11.50)

58m 42s

10/30 08:18

demo

https(132.219.142.130)

34m 04s

10/30 14:51

demo

https(200.216.152.19)

49m 48s

10/30 08:06

demo

https(190.153.51.186)

31m 57s

10/30 14:42

demo

https(190.50.185.150)

01h 03m 45s

10/30 07:47

demo

https(213.188.40.142)

32m 41s

10/30 14:40

demo

https(189.253.12.190)

07m 27s

10/30 07:36

demo

https(93.121.152.202)

40m 58s

10/30 14:15

demo

https(190.223.63.202)

34m 45s

10/30 07:34

demo

https(186.148.90.56)

34m 27s

10/30 13:44

demo

https(200.188.169.248)

32m 42s

10/30 07:34

demo

https(219.117.237.165)

34m 57s

10/30 13:09

demo

https(190.223.63.202)

51m 52s

10/30 07:29

demo

https(66.50.166.130)

50m 32s

10/30 12:42

demo

https(201.166.128.139)

40m 11s

10/30 07:12

demo

https(194.2.149.121)

31m 23s

10/30 12:37

demo

jsconsole

23m 47s

10/30 07:09

demo

https(186.148.90.56)

31m 51s

10/30 12:37

demo

https(201.56.92.203)

24m 31s

10/30 06:54

demo

https(190.104.208.34)

38m 03s

10/30 12:36

demo

https(190.106.3.126)

33m 45s

10/30 06:46

demo

https(178.212.122.240)

42m 13s

10/30 12:15

demo

https(201.48.90.45)

31m 07s

10/30 06:40

demo

https(190.234.157.218)

01h 25m 24s

10/30 12:12

demo

https(201.166.128.139)

30m 06s

10/30 06:39

demo

https(193.192.227.194)

30m 20s

10/30 12:01

demo

https(204.76.203.9)

34m 07s

10/30 06:36

demo

https(41.251.145.190)

43m 08s

10/30 11:55

demo

https(190.153.51.186)

51m 14s

10/30 06:31

demo

https(200.156.24.105)

39m 14s

10/30 11:51

demo

https(69.47.65.249)

57m 38s

10/30 06:26

demo

https(192.162.109.165)

01h 02m 12s

10/30 11:49

demo

https(87.148.88.96)

35m 56s

10/30 06:20

demo

https(190.153.51.186)

32m 54s

10/30 11:42

demo

https(217.248.109.35)

30m 56s

10/30 06:11

demo

https(200.185.248.89)

46m 36s

10/30 11:40

demo

jsconsole

30m 11s

10/30 06:08

demo

https(200.68.21.26)

30m 19s

10/30 11:39

demo

https(76.164.124.25)

58m 32s

10/30 06:06

demo

https(212.12.178.66)

30m 26s

10/30 11:31

demo

https(200.146.46.44)

37m 53s

10/30 06:05

demo

https(200.175.44.252)

30m 45s

10/30 11:14

demo

jsconsole

30m 06s

10/30 05:50

demo

https(201.33.148.1)

35m 34s

10/30 11:13

demo

https(66.98.36.8)

56m 25s

10/30 05:44

demo

https(24.217.98.89)

32m 54s

10/30 11:12

demo

https(190.166.252.66)

01h 03m 56s

10/30 05:41

demo

https(62.167.9.67)

01h 18m 25s

10/30 11:09

demo

https(186.148.90.56)

31m 28s

10/30 05:40

demo

https(186.148.90.56)

50m 06s

10/30 10:54

demo

jsconsole

30m 28s

10/30 05:40

demo

jsconsole

04h 44m 40s

10/30 10:50

demo

https(200.146.46.44)

39m 02s

10/30 05:39

demo

https(41.202.69.216)

01h 16m 03s

10/30 10:34

demo

https(201.47.57.247)

16m 40s

10/30 05:35

demo

https(201.55.89.82)

30m 16s

10/30 10:25

demo

jsconsole

31m 32s

10/30 05:32

demo

https(197.133.244.136)

56m 32s

10/30 10:23

demo

https(200.68.21.26)

33m 57s

10/30 05:29

demo

https(189.188.116.154)

30m 57s

Fortinet Inc. All rights reserved

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

System Activity Summary


Date/Time

Event

Date/Time

Event

10/30 23:55

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:48

Administrator demo logged in successfully from https(182.71.149.18)

10/30 23:50

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 21:48

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 23:49

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 21:45

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 23:45

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:38

Administrator demo timed out on https(190.134.113.95)

10/30 23:42

Administrator root login failed from https(118.143.38.130) because of

10/30 21:36

Administrator demo logged in successfully from https(125.18.132.99)

10/30 23:42

Login disabled from IP 118.143.38.130 for 60 seconds because of 3

10/30 21:34

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 23:41

Administrator unknown login failed from https(118.143.38.130) beca

10/30 21:25

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 23:41

Administrator admin login failed from https(118.143.38.130) because

10/30 21:24

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 23:41

Administrator admin login failed from https(118.143.38.130) because

10/30 21:24

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 23:38

Administrator demo logged in successfully from https(125.18.132.99)

10/30 21:19

Administrator demo1 login failed from https(111.84.99.181) because

10/30 23:38

Administrator demo logged out from https(125.18.132.99)

10/30 21:17

Administrator demo login failed from https(111.84.99.181) because o

10/30 23:35

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:6

10/30 23:26

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 21:15

Add system.admin:dashboard demo:21

10/30 23:25

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:4

10/30 23:24

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 21:15

Add system.admin:dashboard demo:5

10/30 23:19

Administrator demo logged in successfully from https(119.234.25.98)

10/30 21:15

Add system.admin:dashboard demo:51

10/30 23:15

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:2

10/30 23:12

Administrator demo logged in successfully from https(125.18.132.99)

10/30 21:15

Add system.admin:dashboard demo:61

10/30 23:08

Administrator demo timed out on https(125.18.132.99)

10/30 21:15

Add system.admin:dashboard demo:41

10/30 23:07

Administrator demo logged out from https(113.33.180.14)

10/30 21:15

Add system.admin:dashboard demo:1

10/30 23:05

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:21

10/30 23:02

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 21:15

Purge system.admin:dashboard

10/30 23:00

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 21:15

Add system.admin:dashboard demo:31

10/30 23:00

FortiCloud Report file has been downloaded by user demo via GUI(1

10/30 21:15

Add system.admin:dashboard demo:63

10/30 22:58

Administrator demo timed out on https(120.63.162.164)

10/30 21:15

Add system.admin:dashboard demo:6

10/30 22:55

Administrator demo logged in successfully from https(113.33.180.14)

10/30 21:15

Add system.admin:dashboard demo:63

10/30 22:55

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:5

10/30 22:53

Administrator demo2 login failed from https(113.33.180.14) because

10/30 21:15

Add system.admin:dashboard demo:62

10/30 22:53

Login disabled from IP 113.33.180.14 for 60 seconds because of 3 b

10/30 21:15

Add system.admin:dashboard demo:1

10/30 22:53

Administrator demo1 login failed from https(113.33.180.14) because

10/30 21:15

Add system.admin:dashboard demo:2

10/30 22:53

Administrator demo1 login failed from https(113.33.180.14) because

10/30 21:15

Add system.admin:dashboard demo:4

10/30 22:45

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:15

Add system.admin:dashboard demo:62

10/30 22:41

Administrator demo timed out on https(190.40.162.140)

10/30 21:15

Purge system.admin:dashboard

10/30 22:38

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 21:14

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 22:36

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 21:06

Administrator demo logged in successfully from https(190.134.113.9

10/30 22:36

Administrator demo logged in successfully from https(125.18.132.99)

10/30 21:04

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 22:35

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:04

Administrator demo logged in successfully from https(218.188.7.198)

10/30 22:28

Administrator demo logged in successfully from https(120.63.162.16

10/30 21:01

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 22:26

Administrator demo timed out on https(182.71.149.18)

10/30 20:59

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 22:25

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 20:57

Administrator demo 1 login failed from https(218.188.7.198) because

10/30 22:15

Administrator admin login failed from https(147.6.1.81) because of in

10/30 20:57

Login disabled from IP 218.188.7.198 for 60 seconds because of 3 b

10/30 22:15

Login disabled from IP 147.6.1.81 for 60 seconds because of 3 bad

10/30 20:57

Administrator demo1 login failed from https(218.188.7.198) because

10/30 22:15

Administrator demo login failed from https(147.6.1.81) because of in

10/30 20:56

Administrator demo1 login failed from https(218.188.7.198) because

10/30 22:15

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 20:54

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 22:14

Administrator demo login failed from https(147.6.1.81) because of in

10/30 20:44

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 22:14

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 20:41

Administrator demo login failed from https(124.120.169.222) becaus

10/30 22:12

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 20:37

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 22:10

Administrator demo logged in successfully from https(190.40.162.14

10/30 20:35

The ntp server 208.91.113.70 is determined unreachable at Wed Oct

10/30 22:06

Administrator demo timed out on https(125.18.132.99)

10/30 20:34

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 22:05

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 20:25

Administrator fortigate login failed from https(113.33.180.14) becaus

10/30 21:55

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 20:25

Administrator demo login failed from https(113.33.180.14) because o

10/30 21:51

FortiClient registration renewed.

10/30 20:24

2 files were dropped by quard to global_fsb: 0 reached max retries, 2

10/30 21:51

Add a FortiClient Connection.

10/30 20:22

Administrator demo login failed from https(124.120.169.222) becaus

10/30 21:50

The ntp server 208.91.113.71 is determined unreachable at Wed Oct

10/30 20:22

Login disabled from IP 124.120.169.222 for 60 seconds because of

10/30 21:49

Administrator demo timed out on https(218.188.7.198)

10/30 20:21

Administrator demo login failed from https(124.120.169.222) becaus

Fortinet Inc. All rights reserved

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Appendix A

- Individual Report for 1st Highest User: 10.170.203.2 Usage: 1.1 GB IP: 10.170.203.2 Device: dell

Traffic Summary

Web Activity Summary

Total Number of Sessions

Top 10 Allowed Sites

9.9 K
Host Name

1.1 GB

Total Number of Bytes

1.1 GB in

Number of Visits

55.6 MB out

Top 5 Destinations

Destination

Number of Sessions

208.91.112.53
208.91.112.52
turner.com
chartbeat.net
data.cnn.com

APP

3.8 K
562
406
375
311

DNS
DNS
HTTP.BROWSER
HTTP.BROWSER
HTTP.BROWSER

Top 10 Blocked Sites

Host Name

Email Activity Summary


Number

Number of Visits

krxd.net

47

Bandwidth

Total Email Sent

0B

0B

Total Email Received

Threat Summary
Threat Name

Type

Counts

Top 5 Email Recipients


Recipient

Bandwidth

Top 5 Email Senders


Sender

Bandwidth

Application Summary
Top 5 Applications by Bandwidth

Fortinet Inc. All rights reserved

Top 5 Applications by Sessions

HTTP.Video (1.1 GB)

DNS (4.4 K)

HTTP.BROWSER_Chr (36.9 MB)

HTTP.BROWSER_Chrom (3.5 K)

HTTP.BROWSER_IE (13.6 MB)

HTTP (436)

SSL (4.0 MB)

SSL (374)

DNS (1.9 MB)

unknown (298)

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Appendix B

- Individual Report for 2nd Highest User: test user Usage: 100.5 MB IP: 172.16.78.88 Device: host

Traffic Summary

Web Activity Summary

Total Number of Sessions

Top 10 Allowed Sites

6
Host Name

100.5 MB

Total Number of Bytes

500.6 KB in

Number of Visits

100.0 MB out

Top 5 Destinations

Destination

Number of Sessions

1.1.1.32
120.86.52.18
202:202:202:202:
229.118.95.200

APP
3
1
1
1

800/tcp
other
AIM
AIM
Top 10 Blocked Sites

Host Name

Number of Visits

Email Activity Summary


Number

Bandwidth

Total Email Sent

0B

0B

Total Email Received

Threat Summary
Threat Name

Type

Counts

Top 5 Email Recipients


Recipient

Bandwidth

Top 5 Email Senders


Sender

Bandwidth

Application Summary
Top 5 Applications by Bandwidth
AIM (100.5 MB)

Top 5 Applications by Sessions


800/tcp (3)

AIM (2)
800/tcp (900 B)
other (1)

Fortinet Inc. All rights reserved

FortiGate System Analysis Report for Oct 30, 2013


FortiGate: FortiGate-Demo-140D

Appendix C

- Individual Report for 3rd Highest User: test user Usage: 100.5 MB IP: 172.16.78.88 Device: host

Traffic Summary

Web Activity Summary

Total Number of Sessions

Top 10 Allowed Sites

6
Host Name

100.5 MB

Total Number of Bytes

500.6 KB in

Number of Visits

100.0 MB out

Top 5 Destinations

Destination

Number of Sessions

1.1.1.32
120.86.52.18
202:202:202:202:
229.118.95.200

APP
3
1
1
1

800/tcp
other
AIM
AIM
Top 10 Blocked Sites

Host Name

Number of Visits

Email Activity Summary


Number

Bandwidth

Total Email Sent

0B

0B

Total Email Received

Threat Summary
Threat Name

Type

Counts

Top 5 Email Recipients


Recipient

Bandwidth

Top 5 Email Senders


Sender

Bandwidth

Application Summary
Top 5 Applications by Bandwidth
AIM (100.5 MB)

Top 5 Applications by Sessions


800/tcp (3)

AIM (2)
800/tcp (900 B)
other (1)

Fortinet Inc. All rights reserved

10