
Device: FG100D-Cachivaches(FG100D3G14805222) , VDom: root

2021-01-12 09:57 - 2021-01-13 09:57 America/Bogota

Summary Report

Threat Analysis
Top Threats
Threat Category Level Score %
Failed Connection Attempt Firewall Control Low 450 55.6%
Blocked Connection Attempts Firewall Control High 360 44.4%
Total: 810

Top Viruses
No Data

Top Virus Victims


No Data

Top Attacks
No Data

Top Attack Victims


No Data

Top Spam by Source IP


No Data

Top Data Leak by Rules


No Data

Top Data Leak by Source


No Data


Traffic Analysis
Traffic Trend

[Chart: Traffic (MB), 2021-01-12 09:57 -- 2021-01-13 09:57 (Labels indicate starting time of the period)]

Top Application Categories

unscanned = 35.2 MB(100%)

Top Applications
Application Traffic(Sent/Received) % Session %
smb 2.5 MB / 25.4 MB 79.2% 93 5.7%
ms-sql 659 KB / 4.7 MB 15.2% 77 4.7%
tcp 242 KB / 840 KB 3.0% 28 1.7%
dns 134 KB / 220 KB 1.0% 1291 79.3%
https 94 KB / 201 KB 0.8% 43 2.6%
dce-rpc 97 KB / 65 KB 0.5% 43 2.6%
internet-locator-service 49 KB / 47 KB 0.3% 16 1.0%
kerberos 8 KB / 9 KB 0.0% 6 0.4%
ldap_udp 4 KB / 3 KB 0.0% 15 0.9%
http 0 KB / 0 KB 0.0% 1 0.1%
kaspersky 0 KB / 0 KB 0.0% 1 0.1%
ping 0 KB / 0 KB 0.0% 1 0.1%
ntp 0 KB / 0 KB 0.0% 1 0.1%
udp 0 KB / 0 KB 0.0% 12 0.7%
Total: 3.7 MB / 31.4 MB Total: 1628


Top Applications Categories and Applications


Application Category % Application % Traffic
unscanned 100% smb 79.2% 2.5 MB/25.4 MB
ms-sql 15.2% 659 KB/4.7 MB
tcp 3.0% 242 KB/840 KB
dns 1.0% 134 KB/220 KB
https 0.8% 94 KB/201 KB
Other 0.8% 158 KB/124 KB
Total: 3.7 MB/31.4 MB


Top Source
Source Traffic(Sent/Received) % Session %
192.168.173.34-AUXCONTB3-windows 10 / 2016 1.4 MB / 17 MB 52.1% 83 5.1%
192.168.173.53-TESORERIA-windows 10 / 2016 1.5 MB / 12.8 MB 40.6% 78 4.8%
192.168.172.17-ADMINISTRADOR 210 KB / 706 KB 2.5% 254 15.6%
192.168.173.48-windows 10 / 2016 106 KB / 294 KB 1.1% 461 28.3%
192.168.172.17-ADMINISTRADOR-windows 8 / 2012 110 KB / 214 KB 0.9% 230 14.1%
192.168.172.16-windows 7 / 2008 r2 40 KB / 103 KB 0.4% 127 7.8%
192.168.173.51-windows 10 / 2016 52 KB / 42 KB 0.3% 20 1.2%
192.168.173.24-COMPRASNACIONALES-windows 10 / 2016 49 KB / 42 KB 0.3% 43 2.6%
192.168.173.28-JSALAZAR-windows 10 / 2016 43 KB / 45 KB 0.2% 16 1.0%
192.168.173.60-AUXILIAR.SENA-windows 10 / 2016 39 KB / 37 KB 0.2% 16 1.0%
192.168.173.103-AUXCONTB2 29 KB / 34 KB 0.2% 91 5.6%
192.168.172.19-windows 8 / 2012 13 KB / 39 KB 0.1% 7 0.4%
192.168.172.19 12 KB / 33 KB 0.1% 6 0.4%
192.168.173.61-ETIQUETAS-windows 10 / 2016 24 KB / 20 KB 0.1% 31 1.9%
192.168.173.46-JFORERO-windows 10 / 2016 18 KB / 22 KB 0.1% 35 2.1%
192.168.173.20-windows 10 / 2016 20 KB / 15 KB 0.1% 22 1.4%
192.168.172.18-ADMINISTRADOR 15 KB / 12 KB 0.1% 6 0.4%
192.168.173.70-windows 10 / 2016 15 KB / 12 KB 0.1% 12 0.7%
192.168.173.39-SERVERDISENO-windows 10 / 2016 15 KB / 12 KB 0.1% 17 1.0%
192.168.173.56 10 KB / 12 KB 0.1% 8 0.5%
Other 42 KB / 40 KB 0.2% 65 4.0%
Total: 3.7 MB / 31.4 MB Total: 1628


Top Sources and Applications


Source % Application % Traffic
192.168.173.34-AUXCONTB3-windows 10 / 2016 50.4% smb 83.6% 1 MB/14.3 MB
ms-sql 16.2% 315 KB/2.7 MB
tcp 0.1% 12 KB/8 KB
dns 0.0% 2 KB/6 KB
dce-rpc 0.0% 1 KB/1 KB
Other 0.0% 0 KB
192.168.173.53-TESORERIA-windows 10 / 2016 39.3% smb 84.0% 1.2 MB/10.8 MB
ms-sql 15.9% 287 KB/2 MB
dns 0.1% 3 KB/5 KB
tcp 0.1% 3 KB/4 KB
dce-rpc 0.0% 1 KB/1 KB
192.168.172.17-ADMINISTRADOR 3.3% tcp 78.2% 182 KB/786 KB
dce-rpc 10.8% 82 KB/52 KB
dns 8.2% 37 KB/65 KB
https 2.0% 13 KB/12 KB
smb 0.7% 4 KB/4 KB
192.168.173.48-windows 10 / 2016 1.1% smb 54.0% 24 KB/191 KB
dns 25.8% 38 KB/65 KB
ms-sql 20.2% 43 KB/37 KB
192.168.172.17-ADMINISTRADOR-windo... 2012 3.3% tcp 78.2% 182 KB/786 KB
dce-rpc 10.8% 82 KB/52 KB
dns 8.2% 37 KB/65 KB
https 2.0% 13 KB/12 KB
smb 0.7% 4 KB/4 KB
192.168.172.16-windows 7 / 2008 r2 0.4% https 78.9% 29 KB/83 KB
dns 20.4% 9 KB/19 KB
http 0.7% 1 KB
192.168.173.51-windows 10 / 2016 0.2% smb 55.9% 27 KB/24 KB
internet-locator-service 24.7% 13 KB/10 KB
kerberos 6.5% 2 KB/4 KB
dns 6.5% 4 KB/1 KB
tcp 6.5% 4 KB/1 KB
Other 0.0% 0 KB
192.168.173.24-COMPRASNACIONALES-w... 2016 0.2% smb 43.2% 21 KB/16 KB
tcp 17.0% 7 KB/7 KB
dns 10.2% 4 KB/5 KB
internet-locator-service 10.2% 5 KB/3 KB
kerberos 8.0% 3 KB/3 KB
Other 11.4% 5 KB/4 KB
192.168.173.28-JSALAZAR-windows 10 / 2016 0.2% smb 71.8% 29 KB/31 KB
internet-locator-service 12.9% 6 KB/5 KB
tcp 11.8% 5 KB/5 KB
dce-rpc 2.4% 1 KB/1 KB
dns 1.2% 0 KB/1 KB
Other 0.0% 0 KB
192.168.173.60-AUXILIAR.SENA-windo... 2016 0.2% smb 58.7% 23 KB/20 KB
internet-locator-service 18.7% 6 KB/8 KB
tcp 16.0% 6 KB/5 KB
dce-rpc 5.3% 2 KB/2 KB
dns 1.3% 1 KB
Other 0.0% 0 KB
Other 1.3% 213 KB/251 KB
Total: 4 MB/32.3 MB


Top Destination
Destination Traffic(Sent/Received) % Session %
192.168.172.19 2.9 MB / 29.9 MB 93.5% 95 5.8%
192.168.172.17 193 KB / 219 KB 1.1% 726 44.6%
192.168.172.16 223 KB / 188 KB 1.1% 157 9.6%
192.168.173.61 30 KB / 244 KB 0.8% 7 0.4%
208.91.112.52 47 KB / 84 KB 0.4% 528 32.4%
192.168.173.53 35 KB / 95 KB 0.4% 9 0.6%
192.168.173.24 35 KB / 95 KB 0.4% 9 0.6%
192.168.173.34 35 KB / 95 KB 0.4% 7 0.4%
192.168.173.39 28 KB / 70 KB 0.3% 7 0.4%
192.168.173.103 27 KB / 68 KB 0.3% 7 0.4%
192.168.173.60 27 KB / 68 KB 0.3% 7 0.4%
192.168.173.46 28 KB / 67 KB 0.3% 7 0.4%
192.168.173.28 20 KB / 37 KB 0.2% 5 0.3%
52.114.128.71 15 KB / 29 KB 0.1% 4 0.2%
52.113.194.132 11 KB / 30 KB 0.1% 4 0.2%
52.104.46.41 2 KB / 27 KB 0.1% 1 0.1%
34.207.39.205 10 KB / 6 KB 0.0% 4 0.2%
34.205.114.72 11 KB / 3 KB 0.0% 3 0.2%
52.113.195.132 3 KB / 9 KB 0.0% 2 0.1%
34.231.154.33 2 KB / 8 KB 0.0% 2 0.1%
Other 28 KB / 78 KB 0.3% 37 2.3%
Total: 3.7 MB / 31.4 MB Total: 1628


Traffic by To Country

Internal Network = 35 MB(99.6%)

United States = 81 KB(0.2%)

Canada = 47 KB(0.1%)

Singapore = 4 KB(0%)

Ireland = 2 KB(0%)

Other = 4 KB(0%)


Web Activities
Most Visited Web Categories
No Data

Most Visited Websites


No Data

Most Active Web Users


No Data

Most Visited Web Sites by Most Active Users


No Data


VPN Analysis
VPN Bandwidth Usage Trend
[Chart: Traffic (MB), 2021-01-12 09:57 -- 2021-01-13 09:57 (Labels indicate starting time of the period)]

Top Site to Site Tunnels by Bandwidth Usage


No Data

Top SSL and Dialup Users by Bandwidth Usage


User Remote IP Tunnel Type Total Duration Traffic
usuario_vpn_kelly 181.53.12.181 ssl-tunnel 00m 00s 0 KB
usuario_vpn_graciela 190.156.20.18 ssl-tunnel 00m 00s 0 KB
usuario_vpn_sistemas 181.61.117.160 ssl-tunnel 00m 00s 0 KB
usuario_vpn_julieth 186.84.88.145 ssl-tunnel 00m 00s 0 KB


System Activity
Admin Session Summary
No Data

Failed Admin Login Summary


No Data
