
Device: Rectoria(FG100ETK18001080) , VDom: root

2020-02-22 00:00 - 2020-02-23 00:00 Canada/Atlantic

Summary Report

Threat Analysis
Top Threats
Threat Category Level Score %
ftl.netflix.com urlfilter High 1200 32.1%
Blocked Connection Attempts Firewall Control High 870 23.3%
cloud.netflix.com urlfilter High 840 22.5%
ichnaea-web.netflix.com urlfilter High 270 7.2%
Failed Connection Attempt Firewall Control Low 230 6.1%
click.inplayable.com Malicious Websites High 120 3.2%
www.netflix.com urlfilter High 60 1.6%
track.mob193.com Phishing High 60 1.6%
msg.netflix.com urlfilter High 60 1.6%
appboot.netflix.com urlfilter High 30 0.8%
Total: 3740

Top Viruses
No Data

Top Virus Victims


No Data

Top Attacks
No Data

Top Attack Victims


No Data

Top Spam by Source IP


No Data

Top Data Leak by Rules


No Data

Top Data Leak by Source

No Data

Traffic Analysis
Traffic Trend

[Chart: Traffic (MB) per hour, 00 to 23, 2020-02-22 00:00 -- 2020-02-23 00:00]

Top Application Categories

unscanned = 126 MB(50.6%)
storage.backup = 70.1 MB(28.2%)
video/audio = 22.9 MB(9.2%)
collaboration = 18.9 MB(7.6%)
web.client = 6.2 MB(2.5%)
Other = 4.9 MB(1.9%)


Top Applications
Application Traffic(Sent/Received) % Session %
http 1.5 MB / 121.7 MB 49.5% 61 1.5%
onedrive 1 MB / 69.1 MB 28.2% 2 0.0%
youtube 707 KB / 22.1 MB 9.2% 34 0.8%
whatsapp_file.transfer 293 KB / 16.1 MB 6.6% 18 0.4%
https.browser 500 KB / 5.6 MB 2.5% 189 4.6%
https 1.4 MB / 533 KB 0.8% 825 20.0%
google.services 350 KB / 987 KB 0.5% 76 1.8%
instagram 59 KB / 1.2 MB 0.5% 16 0.4%
dns 175 KB / 876 KB 0.4% 2489 60.3%
microsoft.portal 214 KB / 802 KB 0.4% 61 1.5%
microsoft.authentication 154 KB / 473 KB 0.2% 22 0.5%
ms.windows.update 279 KB / 223 KB 0.2% 26 0.6%
google.accounts 40 KB / 399 KB 0.2% 32 0.8%
microsoft.office.online 66 KB / 331 KB 0.2% 15 0.4%
yahoo.services 18 KB / 338 KB 0.1% 4 0.1%
whatsapp 105 KB / 169 KB 0.1% 25 0.6%
sophos.update 40 KB / 216 KB 0.1% 4 0.1%
microsoft.office.365.portal 46 KB / 77 KB 0.0% 10 0.2%
ssl_tlsv1.2 22 KB / 77 KB 0.0% 14 0.3%
facebook 32 KB / 62 KB 0.0% 24 0.6%
Other 206 KB / 575 KB 0.3% 178 4.3%
Total: 7.1 MB / 241.9 MB Total: 4125


Top Applications Categories and Applications


Application Category % Application % Traffic
unscanned 50.6% http 97.8% 1.5 MB/121.7 MB
https 1.5% 1.4 MB/532 KB
dns 0.8% 155 KB/821 KB
storage.backup 28.2% onedrive 100% 1 MB/69.1 MB
video/audio 9.2% youtube 99.5% 707 KB/22.1 MB
netflix 0.3% 12 KB/53 KB
amazon.music 0.2% 23 KB/19 KB
collaboration 7.6% whatsapp_file.transfer 86.6% 293 KB/16.1 MB
microsoft.portal 5.3% 214 KB/802 KB
microsoft.authentication 3.2% 154 KB/473 KB
microsoft.office.online 2.1% 66 KB/331 KB
whatsapp 1.4% 105 KB/169 KB
Other 1.4% 60 KB/213 KB
web.client 2.5% https.browser 99.5% 500 KB/5.6 MB
http.browser_chrome 0.2% 1 KB/11 KB
google.data.saver 0.2% 3 KB/8 KB
http.browser 0.1% 2 KB/3 KB
general.interest 0.9% google.services 55.7% 350 KB/987 KB
google.accounts 18.3% 40 KB/399 KB
yahoo.services 14.8% 18 KB/338 KB
google.push.notification 3.4% 17 KB/63 KB
amazon.services 2.1% 10 KB/39 KB
Other 5.7% 42 KB/92 KB
social.media 0.6% instagram 91.6% 59 KB/1.2 MB
facebook 6.7% 32 KB/62 KB
twitter 1.7% 6 KB/17 KB
update 0.3% ms.windows.update 64.9% 279 KB/223 KB
sophos.update 33.2% 40 KB/216 KB
root.certificate.url 1.9% 7 KB/8 KB
network.service 0.1% ssl_tlsv1.2 53.5% 22 KB/77 KB
dns 40.0% 19 KB/54 KB
http.segmented.download 3.2% 2 KB/4 KB
ocsp 3.2% 2 KB/4 KB
quic 0.0% 0 KB
email 0.0% microsoft.outlook 44.9% 12 KB/27 KB
imaps 34.8% 5 KB/26 KB
microsoft.outlook.office.365 20.2% 4 KB/13 KB
Other 0.0% 100% 44 KB/53 KB
Total: 7.1 MB/241.9 MB


Top Source
Source Traffic(Sent/Received) % Session %
10.0.3.121-windows 10 / 2016 1.4 MB / 112 MB 45.6% 38 0.9%
10.0.1.98-emilk.aquino 2.5 MB / 78.1 MB 32.4% 503 12.2%
10.0.1.26-ariel.payano-huawei 1.4 MB / 40.4 MB 16.8% 253 6.1%
10.0.3.160 68 KB / 9.7 MB 3.9% 7 0.2%
10.0.3.32 837 KB / 373 KB 0.5% 471 11.4%
10.0.3.88 486 KB / 89 KB 0.2% 248 6.0%
10.0.1.130 65 KB / 371 KB 0.2% 1002 24.3%
10.0.1.39-maribel.nunez 49 KB / 113 KB 0.1% 41 1.0%
10.0.1.26-ariel.payano 19 KB / 113 KB 0.1% 59 1.4%
10.0.1.98-emilk.aquino 25 KB / 101 KB 0.0% 38 0.9%
10.0.1.171 17 KB / 87 KB 0.0% 249 6.0%
10.0.3.143 47 KB / 56 KB 0.0% 43 1.0%
10.0.1.5 11 KB / 65 KB 0.0% 175 4.2%
10.0.1.39-maribel.nunez 15 KB / 57 KB 0.0% 23 0.6%
10.0.1.10 9 KB / 46 KB 0.0% 141 3.4%
10.0.1.113-altagracia.canela-samsung galaxy 20 KB / 34 KB 0.0% 19 0.5%
10.0.1.168-samsung galaxy 8 KB / 41 KB 0.0% 120 2.9%
10.0.1.31 5 KB / 31 KB 0.0% 87 2.1%
10.0.1.48 6 KB / 25 KB 0.0% 68 1.6%
10.0.1.116 4 KB / 22 KB 0.0% 72 1.7%
Other 48 KB / 143 KB 0.1% 468 11.3%
Total: 7.1 MB / 241.9 MB Total: 4125


Top Sources and Applications


Source % Application % Traffic
10.0.3.121-windows 10 / 2016 30.5% http 100% 1.4 MB/112 MB
https 0.0% 0 KB
10.0.1.98-emilk.aquino 21.7% onedrive 86.9% 1 MB/69.1 MB
https.browser 7.2% 395 KB/5.5 MB
google.services 1.4% 266 KB/880 KB
microsoft.portal 1.2% 214 KB/802 KB
microsoft.authentication 0.8% 154 KB/473 KB
Other 2.5% 545 KB/1.5 MB
10.0.1.26-ariel.payano-huawei 11.3% youtube 54.4% 707 KB/22.1 MB
whatsapp_file.transfer 39.0% 293 KB/16.1 MB
instagram 3.0% 59 KB/1.2 MB
google.accounts 0.9% 30 KB/361 KB
https.browser 0.7% 96 KB/194 KB
Other 2.0% 303 KB/558 KB
10.0.3.160 2.6% http 100% 68 KB/9.7 MB
10.0.3.32 0.3% https 96.6% 821 KB/348 KB
http 3.4% 15 KB/25 KB
10.0.3.88 0.2% https 100% 486 KB/89 KB
10.0.1.130 0.1% dns 100% 65 KB/371 KB
10.0.1.39-maribel.nunez 0.1% netflix 28.9% 12 KB/53 KB
facebook 26.8% 19 KB/41 KB
whatsapp 14.9% 9 KB/25 KB
imaps 13.6% 5 KB/26 KB
google.services 6.1% 6 KB/8 KB
Other 9.6% 7 KB/11 KB
10.0.1.26-ariel.payano 11.3% youtube 54.4% 707 KB/22.1 MB
whatsapp_file.transfer 39.0% 293 KB/16.1 MB
instagram 3.0% 59 KB/1.2 MB
google.accounts 0.9% 30 KB/361 KB
https.browser 0.7% 96 KB/194 KB
Other 2.0% 303 KB/558 KB
10.0.1.98-emilk.aquino 21.7% onedrive 86.9% 1 MB/69.1 MB
https.browser 7.2% 395 KB/5.5 MB
google.services 1.4% 266 KB/880 KB
microsoft.portal 1.2% 214 KB/802 KB
microsoft.authentication 0.8% 154 KB/473 KB
Other 2.5% 545 KB/1.5 MB
Other 0.2% 100% 190 KB/607 KB
Total: 11.1 MB/360.6 MB


Top Destination
Destination Traffic(Sent/Received) % Session %
104.123.193.107 1 MB / 69.1 MB 28.2% 2 0.0%
207.194.199.16 774 KB / 42.3 MB 17.3% 10 0.2%
13.107.4.50 393 KB / 37.5 MB 15.2% 4 0.1%
72.21.81.240 222 KB / 36.1 MB 14.6% 14 0.3%
190.167.241.144 177 KB / 15.4 MB 6.3% 2 0.0%
190.166.228.99 112 KB / 8.8 MB 3.6% 10 0.2%
190.166.228.33 83 KB / 7.3 MB 3.0% 7 0.2%
207.194.199.17 96 KB / 5.5 MB 2.3% 8 0.2%
148.215.2.10 122 KB / 3.9 MB 1.6% 12 0.3%
190.166.8.173 36 KB / 2.4 MB 1.0% 2 0.0%
190.166.8.175 20 KB / 1.3 MB 0.5% 1 0.0%
190.166.228.97 89 KB / 1 MB 0.4% 78 1.9%
208.91.112.53 153 KB / 781 KB 0.4% 2194 53.2%
172.217.31.182 31 KB / 769 KB 0.3% 3 0.1%
172.217.18.4 72 KB / 690 KB 0.3% 7 0.2%
216.58.208.42 228 KB / 431 KB 0.3% 4 0.1%
172.217.16.182 19 KB / 608 KB 0.2% 6 0.1%
190.167.204.207 13 KB / 506 KB 0.2% 1 0.0%
184.150.158.8 28 KB / 422 KB 0.2% 8 0.2%
172.217.175.36 15 KB / 381 KB 0.2% 1 0.0%
Other 3.3 MB / 6.7 MB 4.1% 1751 42.4%
Total: 7 MB / 241.8 MB Total: 4125


Traffic by To Country

Internal Network = 241.9 MB(97.2%)

United States = 3.6 MB(1.5%)

Canada = 1.1 MB(0.4%)

Dominican Republic = 742 KB(0.3%)

Germany = 618 KB(0.2%)

Other = 1 MB(0.4%)


Web Activities
Most Visited Web Categories


urlfilter = 82(96.5%)

Malicious Websites = 2(2.4%)

Phishing = 1(1.2%)

Most Visited Websites


Web Site Visits % Estimated Browsing Time %
ftl.netflix.com 40 47.1% 00h 00m 00s N/A
cloud.netflix.com 28 32.9% 00h 00m 00s N/A
ichnaea-web.netflix.com 9 10.6% 00h 00m 00s N/A
msg.netflix.com 2 2.4% 00h 00m 00s N/A
www.netflix.com 2 2.4% 00h 00m 00s N/A
click.inplayable.com 2 2.4% 00h 00m 00s N/A
track.mob193.com 1 1.2% 00h 00m 00s N/A
appboot.netflix.com 1 1.2% 00h 00m 00s N/A
Total: 85 Total: 00h 00m 00s

Most Active Web Users


User Visits % Estimated Browsing Time %
<N/A> 69 81.2% 00h 00m 00s N/A
maribel.nunez 16 18.8% 00h 00m 00s N/A
Total: 85 Total: 00h 00m 00s

Most Visited Web Sites by Most Active Users


User % Web Site % Visits Estimated Browsing Time
<N/A> 81.2% ftl.netflix.com 55.1% 38 00h 00m 00s
cloud.netflix.com 21.7% 15 00h 00m 00s
ichnaea-web.netflix.com 13.0% 9 00h 00m 00s
msg.netflix.com 2.9% 2 00h 00m 00s
www.netflix.com 2.9% 2 00h 00m 00s
Other 4.3% 3 00h 00m 00s
maribel.nunez 18.8% cloud.netflix.com 81.2% 13 00h 00m 00s
ftl.netflix.com 12.5% 2 00h 00m 00s
android-appboot.netflix.com 6.2% 1 00h 00m 00s
Total: 85


VPN Analysis
VPN Bandwidth Usage Trend
[Chart: Traffic (MB) per hour, 00 to 23, 2020-02-22 00:00 -- 2020-02-23 00:00]

Top Site to Site Tunnels by Bandwidth Usage


VPN Tunnel Traffic
isfodosu-vpn 0 KB


Top SSL and Dialup Users by Bandwidth Usage


No Data


System Activity
Admin Session Summary
No Data

Failed Admin Login Summary


No Data
