FortiGate System Analysis Report for 2016-06-03 20:00 -- 2016-06-04 19:59 GMT+7
FortiGate: FG-300C-02
Bandwidth and Applications
[Figure legend: In, Out]
[Figure: Number of Sessions for Past 24 Hours (y-axis: Sessions)]
Top Users by Bandwidth Usage
User              IP                Bandwidth (Sent / Recv)
113.175.40.8      113.175.40.8      123.4 MB
113.160.200.109   113.160.200.109   61.2 MB
27.72.68.67       27.72.68.67       43.7 MB
123.30.175.226    123.30.175.226    40.7 MB
27.66.5.33        27.66.5.33        40.0 MB
118.68.38.135     118.68.38.135     38.5 MB
14.189.62.199     14.189.62.199     38.4 MB
113.175.90.223    113.175.90.223    37.4 MB
113.174.7.165     113.174.7.165     37.1 MB
14.187.209.160    14.187.209.160    37.1 MB
Top Users by Sessions
User              IP                Sessions
123.31.26.64      123.31.26.64      3.7 K
88.198.239.9      88.198.239.9      3.1 K
42.112.27.51      42.112.27.51      3.0 K
113.177.148.73    113.177.148.73    1.2 K
113.160.200.109   113.160.200.109   1.1 K
123.31.12.210     123.31.12.210     533
172.16.0.254      172.16.0.254      489
123.30.239.224    123.30.239.224    475
14.161.4.56       14.161.4.56       418
113.160.200.14    113.160.200.14    417
[Figure: Bandwidth Usage for Past 24 Hours (y-axis: Bandwidth (bit/s); x-axis: hour of day, 20:00 to 19:00)]
Top Applications by Bandwidth Usage
Application   Bandwidth (Sent / Recv)
HTTP          1.8 GB
RDP           4.8 MB
FTP           95.0 KB
HTTPS         87.2 KB
Camera        37.4 KB
POP3S         21.9 KB
IMAPS         10.4 KB
POP3          5.7 KB
IMAP          4.1 KB
SMTP          1.4 KB
Top Applications by Sessions
Application   Sessions
HTTP          35.0 K
RDP           12.3 K
HTTPS         391
FTP           160
POP3S         90
Camera        88
IMAPS         39
POP3          27
IMAP          19
SMTP          16
Top Destinations by Bandwidth Usage
thaibinh.gov.vn (1.2 GB)
tuyengiaothaibinh.vn (548.2 MB)
benhviennhithaibinh.c (35.2 MB)
thpt-lequydon-thaibin (22.1 MB)
10.132.2.70 (9.3 MB)
10.132.2.80 (4.2 MB)
10.132.2.171 (755.5 KB)
10.132.2.165 (213.9 KB)
10.132.2.11 (94.5 KB)
10.132.2.193 (80.4 KB)
Top Destinations by Sessions
10.132.2.70 (33.7 K)
10.132.2.80 (10.6 K)
10.132.2.171 (2.0 K)
10.132.2.165 (933)
10.132.2.193 (353)
10.132.2.17 (170)
10.132.2.11 (154)
thaibinh.gov.vn (118)
10.132.2.111 (88)
tuyengiaothaibinh.vn (56)
Fortinet Inc. All rights reserved
DHCP Summary
Interface
Top Wifi Client by Bandwidth
Allocated / Available
New Clients Count
IP
SSID
Sent
MAC
Recv
[Figure: Number of Active Users for Past 24 Hours (y-axis: Active Users; x-axis: hour of day, 20:00 to 19:00)]
Web Usage
Top Allowed Websites by Requests
Website
Top Websites by Bandwidth
Requests
Top Blocked Websites by Requests
Website
Sent
Website
Recv
Top Blocked Users
Requests
User(or IP)
Hostname(MAC)
Requests
Top Web Users by Requests
User(or IP)
Top Web Users by Bandwidth
Hostname(MAC)
Requests
User(or IP)
Hostname(Mac)
Sent
Recv
Top Web Streaming Websites by Bandwidth
Emails
Top Senders by Number of Emails
Sender
Top Email Senders by Bandwidth
Number of Emails
Top Recipients by Number of Emails
Recipient
Number of Emails
Sender
Bandwidth
Top Email Recipients by Bandwidth
Recipient
Bandwidth
Threats
Top Viruses by Name
Virus Name
Top Virus Victims
Occurrence
Virus Victim
oversize
177
av-error
Occurrence
113.160.200.109
113.175.40.8
117.4.176.24
27.66.5.33
42.112.233.51
42.113.158.135
1.53.229.244
113.160.65.50
113.162.73.55
113.185.1.112
Top Attack Sources
Top Attack Victims
VPN Usage
Top Site-to-Site IPSec Tunnels by Bandwidth
Sent
Tunnel
Top Dial-Up IPSec Tunnels by Bandwidth
Recv
User
Top SSL-VPN Tunnel Users by Bandwidth
User
Recv
Top SSL-VPN Web Mode Users by Bandwidth
Sent
IP
Sent
Tunnel
Recv
User
Sent
IP
Recv
lamnh
27.76.193.170
15.5 MB
lamnh
27.76.193.170
13.3 MB
hienpq
27.76.193.170
12.1 MB
hienpq
27.76.193.170
12.1 MB
dungdp
117.6.135.61
5.5 MB
dungdp
117.6.135.61
5.5 MB
hapt
117.6.135.61
1.4 MB
hapt
117.6.135.61
lamnh
27.76.203.182
401.8 KB
lamnh
27.76.203.182
400.6 KB
hienpq
27.76.203.182
28.9 KB
hienpq
27.76.203.182
28.8 KB
dungdp
113.185.18.79
15.2 KB
dungdp
113.185.18.67
14.5 KB
thevt
27.76.193.170
12 B
thevt
27.76.193.170
12 B
Top Dial Up Users
Type
Duration (Sec)
Sent
Recv
lamnh
ssl
56m 15s
29.6 MB
hienpq
ssl
52m 21s
24.2 MB
dungdp
ssl
38m 17s
11.0 MB
hapt
ssl
02h 39m
2.7 MB
thevt
ssl
04m 58s
24 B
User
1.4 MB
[Figure: VPN Traffic Usage Trend (series: SSL Out, SSL In, IPSec Out, IPSec In; y-axis: Bandwidth (bit/s); x-axis: hour of day, 20:00 to 19:00)]
Admin Login and System Events
Admin Login Summary
Legend: =Config Changed, =Config Not Changed
Date/Time     User Name   Login Interface         Duration
06/04 19:26   hienpq      https(10.212.134.200)   11m 40s
06/04 19:16   hienpq      https(10.212.134.200)   05m 34s
06/04 15:28   hienpq      https(10.132.196.66)    08m 03s
06/04 15:12   hienpq      https(10.132.196.66)    14m 00s
06/04 14:38   hienpq      https(10.132.196.66)    20m 55s
System Activity Summary
Date/Time     Event
06/04 19:38   Administrator hienpq timed out on https(10.212.134.200)
06/04 19:38   Configuration is changed in the admin session
06/04 19:27   Purge system.admin:dashboard-tabs
06/04 19:27   Add system.admin:dashboard-tabs hienpq:1
06/04 19:27   Add system.admin:dashboard-tabs hienpq:2
06/04 19:27   Add system.admin:dashboard-tabs hienpq:3
06/04 19:27   Add system.admin:dashboard-tabs hienpq:4
06/04 19:27   Add system.admin:dashboard-tabs hienpq:5
06/04 19:27   Add system.admin:dashboard-tabs hienpq:6
06/04 19:27   Purge system.admin:dashboard
06/04 19:27   Add system.admin:dashboard hienpq:64
06/04 19:27   Add system.admin:dashboard hienpq:62
06/04 19:27   Add system.admin:dashboard hienpq:1
06/04 19:27   Add system.admin:dashboard hienpq:2
06/04 19:27   Add system.admin:dashboard hienpq:3
06/04 19:27   Add system.admin:dashboard hienpq:4
06/04 19:27   Add system.admin:dashboard hienpq:5
06/04 19:27   Add system.admin:dashboard hienpq:6
06/04 19:27   Add system.admin:dashboard hienpq:63
06/04 19:27   Add system.admin:dashboard hienpq:31
06/04 19:27   Add system.admin:dashboard hienpq:41
06/04 19:27   Add system.admin:dashboard hienpq:51
06/04 19:27   Add system.admin:dashboard hienpq:61
06/04 19:26   Administrator hienpq logged in successfully from https(10.212.134.2
06/04 19:22   Administrator hienpq timed out on https(10.212.134.200)
06/04 19:16   Administrator hienpq logged in successfully from https(10.212.134.2
06/04 18:27   Disk log has rolled.
06/04 15:36   Administrator hienpq timed out on https(10.132.196.66)
06/04 15:36   Configuration is changed in the admin session
06/04 15:31   Edit vpn.ssl.settings
06/04 15:31   Edit vpn.ssl.settings
06/04 15:30   Edit vpn.ssl.settings
06/04 15:30   Edit vpn.ssl.settings
06/04 15:30   Edit vpn.ssl.settings
06/04 15:29   Edit vpn.ssl.settings
06/04 15:29   Edit vpn.ssl.settings
06/04 15:29   Edit vpn.ssl.settings
06/04 15:28   Edit vpn.ssl.settings
06/04 15:28   Edit vpn.ssl.settings
06/04 15:28   Edit vpn.ssl.settings
06/04 15:28   Administrator hienpq logged in successfully from https(10.132.196.6
06/04 15:26   Administrator hienpq timed out on https(10.132.196.66)
06/04 15:22   Send token FTKMOB4A031EEEDF activation code DEICM7CIEPG
06/04 15:12   Administrator hienpq logged in successfully from https(10.132.196.6
06/04 14:59   Administrator hienpq timed out on https(10.132.196.66)
06/04 14:59   Configuration is changed in the admin session
06/04 14:49   Send token FTKMOB4A031EEEDF activation code DEICM7CIEPG
06/04 14:48   User hienpq added local user dpdung from GUI(10.132.196.66)
06/04 14:48   Add user.local dpdung
06/04 14:48   Edit user.group VPN-ThaiBinh
06/04 14:45   Completed reputation db maintenance
06/04 14:38   Administrator hienpq logged in successfully from https(10.132.196.6
06/04 09:11   The ntp daemon step adjusted time from Sat Jun 4 09:11:23 2016 t
06/04 02:45   Completed reputation db maintenance
06/04 01:44   Fortigate scheduled update virdb(35.00114) etdb(35.00114) idsdb(8.
06/04 00:06   System deleted log file tlog.64628
06/04 00:06   System deleted log file tlog.64627
06/04 00:06   System deleted log file elog.64913
06/04 00:06   System deleted log file vlog.65447
06/04 00:06   System deleted log file wlog.65447
06/04 00:06   System deleted log file alog.65447
06/04 00:06   System deleted directory pcap.65447.
06/04 00:06   System deleted log file slog.65447
06/04 00:06   System deleted log file clog.65447
06/04 00:06   System deleted log file plog.65447
06/04 00:06   System deleted log file dlog.65447
06/04 00:06   System deleted directory dlp_archive.65447.
06/04 00:06   System deleted log file rlog.65447
06/04 00:06   System deleted log file nlog.65447
06/04 00:00   Disk log roll request has been sent.
06/04 00:00   Start uploading disk logs to FortiCloud from vdom root.
Appendix A
- Individual Report for 1st Highest User: 113.175.40.8 Usage: 123.4 MB IP: 113.175.40.8 Device:
Traffic Summary
Web Activity Summary
Top 10 Allowed Sites
123.4 MB
Total Number of Bytes
122.0 MB in
Total Number of Sessions
Host Name
1.4 MB out
Number of Visits
152
Top 5 Destinations
Destination
Bandwidth
tuyengiaothaibinh
10.132.2.70
APP
123.3 MB
31.3 KB
HTTP
HTTP
Top 10 Blocked Sites
Host Name
Number of Visits
Email Activity Summary
Number
Bandwidth
Total Email Sent
0B
0B
Total Email Received
Threat Summary
Threat Name
Top 5 Email Recipients
Recipient
Type
Counts
oversize
Bandwidth
Top 5 Email Senders
Sender
Bandwidth
Application Summary
Top 5 Applications by Bandwidth
HTTP (123.4 MB)
Top 5 Applications by Sessions
HTTP (152)
Appendix B
- Individual Report for 2nd Highest User: 113.160.200.109 Usage: 61.2 MB IP: 113.160.200.109 Device:
Traffic Summary
Web Activity Summary
Top 10 Allowed Sites
61.2 MB
Total Number of Bytes
61.0 MB in
Total Number of Sessions
Host Name
285.3 KB out
Number of Visits
1.1 K
Top 5 Destinations
Destination
Bandwidth
thaibinh.gov.vn
10.132.2.70
10.132.2.165
APP
61.0 MB
222.3 KB
5.7 KB
HTTP
HTTP
HTTP
Top 10 Blocked Sites
Host Name
Number of Visits
Email Activity Summary
Number
Bandwidth
Total Email Sent
0B
0B
Total Email Received
Threat Summary
Threat Name
Top 5 Email Recipients
Recipient
Type
Counts
oversize
Bandwidth
Top 5 Email Senders
Sender
Bandwidth
Application Summary
Top 5 Applications by Bandwidth
HTTP (61.2 MB)
Top 5 Applications by Sessions
HTTP (1.1 K)
Appendix C
- Individual Report for 3rd Highest User: 27.72.68.67 Usage: 43.7 MB IP: 27.72.68.67 Device:
Traffic Summary
Web Activity Summary
Top 10 Allowed Sites
43.7 MB
Total Number of Bytes
43.7 MB in
Total Number of Sessions
Host Name
65.5 KB out
Number of Visits
Top 5 Destinations
Destination
Bandwidth
thaibinh.gov.vn
APP
43.7 MB
HTTP
Top 10 Blocked Sites
Host Name
Number of Visits
Email Activity Summary
Number
Bandwidth
Total Email Sent
0B
0B
Total Email Received
Threat Summary
Threat Name
Top 5 Email Recipients
Recipient
Type
Counts
oversize
Bandwidth
Top 5 Email Senders
Sender
Bandwidth
Application Summary
Top 5 Applications by Bandwidth
HTTP (43.7 MB)
Top 5 Applications by Sessions
HTTP (2)
Appendix D
- Individual Report for 4th Highest User: 123.30.175.226 Usage: 40.7 MB IP: 123.30.175.226 Device:
Traffic Summary
Web Activity Summary
Top 10 Allowed Sites
40.7 MB
Total Number of Bytes
40.6 MB in
Total Number of Sessions
Host Name
63.3 KB out
Number of Visits
25
Top 5 Destinations
Destination
Bandwidth
thaibinh.gov.vn
10.132.2.70
APP
40.7 MB
8.1 KB
HTTP
HTTP
Top 10 Blocked Sites
Host Name
Number of Visits
Email Activity Summary
Number
Bandwidth
Total Email Sent
0B
0B
Total Email Received
Threat Summary
Threat Name
Top 5 Email Recipients
Recipient
Type
Counts
oversize
Bandwidth
Top 5 Email Senders
Sender
Bandwidth
Application Summary
Top 5 Applications by Bandwidth
HTTP (40.7 MB)
Top 5 Applications by Sessions
HTTP (25)
Appendix E
- Individual Report for 5th Highest User: 27.66.5.33 Usage: 40.0 MB IP: 27.66.5.33 Device:
Traffic Summary
Web Activity Summary
Top 10 Allowed Sites
40.0 MB
Total Number of Bytes
39.8 MB in
Total Number of Sessions
Host Name
126.5 KB out
Number of Visits
Top 5 Destinations
Destination
Bandwidth
thaibinh.gov.vn
APP
40.0 MB
HTTP
Top 10 Blocked Sites
Host Name
Number of Visits
Email Activity Summary
Number
Bandwidth
Total Email Sent
0B
0B
Total Email Received
Threat Summary
Threat Name
Top 5 Email Recipients
Recipient
Type
Counts
oversize
Bandwidth
Top 5 Email Senders
Sender
Bandwidth
Application Summary
Top 5 Applications by Bandwidth
HTTP (40.0 MB)
Top 5 Applications by Sessions
HTTP (4)