Created on: January 20, 201X 09:05 Powered By
CompanyWeekly GMS Report
Report Date: January 11, 201X - January 17, 201X
Table Of Contents
Firewall 3......................................................................................................................................................................SonicWall Name................................................................................................................................................. 3
Data Usage - Timeline ...................................................................................................................................................................................... 3Data Usage - Top Initiators ............................................................................................................................................................................... 4Data Usage - Top Responders ......................................................................................................................................................................... 5Web Activity - Top Sites ................................................................................................................................................................................... 6Web Activity - Top Initiators .............................................................................................................................................................................. 7Web Filter - Top Categories ............................................................................................................................................................................. 8Web Filter - Web Filter By Initiators ................................................................................................................................................................. 9Intrusions - Top Intrusions Detected ............................................................................................................................................................... 11Intrusions - Top Initiators ................................................................................................................................................................................ 12Gateway Viruses - Top Viruses Blocked ........................................................................................................................................................ 13Attacks - Top Attempts ................................................................................................................................................................................... 14Attacks - Top Targets ...................................................................................................................................................................................... 15Attacks - Top Initiators .................................................................................................................................................................................... 16
3 Powered By
FirewallSonicWall
Data Usage - Timeline: January 11, 201X - January 17, 201X
Timeline
Time Connections Transferred Cost
1 Jan 11, 201X 2,561,211 36.18 GB USD 370.532 Jan 12, 201X 2,514,811 33.49 GB USD 342.973 Jan 13, 201X 2,596,925 41.4 GB USD 423.954 Jan 14, 201X 2,476,341 34.95 GB USD 357.875 Jan 15, 201X 2,420,474 25.64 GB USD 262.586 Jan 16, 201X 2,145,872 24.64 GB USD 252.347 Jan 17, 201X 3,292,516 7.43 GB USD 76.11
Total: 18,008,150 203.74 GB USD 2,086.34
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
4 Powered By
Data Usage - Top Initiators: January 11, 201X - January 17, 201X
Initiators
Initiator IP Initiator Host User Connections Transferred
1 172.17.17.7 1,703,130 42.79 GB2 192.168.11.49 419,010 30.67 GB3 192.168.11.240 8,832 13.31 GB4 192.168.11.240 99,605 12.9 GB5 172.17.17.100 5,551 12.02 GB
Total: 2,236,128 111.69 GB
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
5 Powered By
Data Usage - Top Responders: January 11, 201X - January 17, 201X
Responders
Responder IP Responder Host Connections Transferred
1 172.30.100.121 117,632 56.44 GB2 172.30.100.127 20 11.68 GB3 172.30.100.124 17,122 6.89 GB4 172.17.17.23 1,220,438 3.58 GB5 71.107.31.98 25 2.74 GB
Total: 1,355,237 81.34 GB
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
6 Powered By
Web Activity - Top Sites: January 11, 201X - January 17, 201X
Sites
Site IP Site Name Category Browse Time Hits Transferred
1 172.30.100.121 N/A 48:02:06 115,284 28.87 GB2 17.253.27.204 iosapps.itunes.apple.com Information Techn
ology/Computers00:01:34 63 2.7 GB
3 23.216.10.107 wsus.ds.download.windowsupdate.comInformation Technology/Computers
00:20:24 816 2.69 GB
4 13.107.4.50 download.windowsupdate.comInformation Technology/Computers
01:02:07 2,485 2.41 GB
5 216.115.97.236 s.yimg.com Business and Economy
22:24:58 53,799 2.34 GB
Total: 172,447 39.01 GB
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
7 Powered By
Web Activity - Top Initiators: January 11, 201X - January 17, 201X
Initiators
Initiator IP Initiator Host User Browse Time Hits Transferred
1 172.17.17.7 709:06:06 1,701,844
42.09 GB
2 192.168.11.49 163:48:04 393,123 29.7 GB3 192.168.11.70 09:55:24 23,816 6.75 GB4 172.17.17.23 08:07:12 19,488 3.83 GB
5 192.168.11.240 40:29:01 97,161 3.67 GB
Total: 2,235,432 86.05 GB
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
8 Powered By
Web Filter - Top Categories: January 11, 201X - January 17, 201X
Categories
Category Attempts
1 Chat/Instant Messaging (IM) 7822 Games 3083 Personals and Dating 444 Pay to Surf Sites 375 Hacking/Proxy Avoidance Systems 32
Total: 1,203
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
9 Powered By
Web Filter - Web Filter By Initiators: January 11, 201X - January 17, 201X
Web Filter By Initiators
Initiator IP Initiator Host User Attempts
1.0 192.168.11.49 660
Site IP Site Name Category Attempts
1.1 52.3.17.42 us32.zopim.com Chat/Instant Messaging (IM) 391.2 185.48.81.27 mobilecrush.king.com Games 351.3 54.203.255.29 costcouem.compuwareapmaas.com Hacking/Proxy Avoidance Systems 241.4 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 221.5 40.118.214.164 pipe.skype.com Chat/Instant Messaging (IM) 21
2.0 172.17.17.7 247
Site IP Site Name Category Attempts
2.1 216.58.217.209 app.snapchat.com Chat/Instant Messaging (IM) 202.2 54.69.172.44 us42.zopim.com Chat/Instant Messaging (IM) 152.3 52.5.25.66 us24.zopim.com Chat/Instant Messaging (IM) 122.4 52.34.120.137 api.content.ad Pay to Surf Sites 122.5 54.68.134.230 us22.zopim.com Chat/Instant Messaging (IM) 12
3.0 192.168.11.70 233
Site IP Site Name Category Attempts
3.1 40.78.98.202 pipe.skype.com Chat/Instant Messaging (IM) 1763.2 40.122.44.96 prod.registrar.skype.com Chat/Instant Messaging (IM) 273.3 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 143.4 23.101.115.193 a.config.skype.com Chat/Instant Messaging (IM) 93.5 23.216.11.48 vassg142.ocsp.omniroot.com Games 2
4.0 192.168.11.70 35
Site IP Site Name Category Attempts
4.1 40.78.98.202 pipe.skype.com Chat/Instant Messaging (IM) 284.2 40.122.44.96 prod.registrar.skype.com Chat/Instant Messaging (IM) 6
10 Powered By
Initiator IP Initiator Host User Attempts
Site IP Site Name Category Attempts
4.3 104.40.75.8 b.config.skype.com Chat/Instant Messaging (IM) 1
5.0 192.168.11.240 34
Site IP Site Name Category Attempts
5.1 72.14.249.2 www.snapengage.com Chat/Instant Messaging (IM) 195.2 69.25.247.53 vmp.boldchat.com Chat/Instant Messaging (IM) 105.3 173.205.77.17 vassg142.ocsp.omniroot.com Games 25.4 52.6.111.117 us30.zopim.com Chat/Instant Messaging (IM) 25.5 54.241.146.39 api.content.ad Pay to Surf Sites 1
Total: 1,209
• Report generated for timezone: Pacific Standard Time• Report owner: admin@LocalDomain
11 Powered By
Intrusions - Top Intrusions Detected: January 11, 201X - January 17, 201X
Intrusions
Intrusion Priority Events
1 NetBIOS Name Request Probe Low 7,1652 SMTP Relay Denied Low 3,1583 Suspicious XML File -l 01 Low 2324 FTP Login Failed 1 Low 1595 HTTP Request URI with SQL Statement (AND) 2 Low 139
Total: 10,853
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
12 Powered By
Intrusions - Top Initiators: January 11, 201X - January 17, 201X
Initiators
Initiator IP Initiator Host User Events
1 192.168.101.2 6,9102 172.17.17.5 2,9573 172.17.17.5 2014 172.30.100.122 1595 192.168.103.21 110
Total: 10,337
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
13 Powered By
Gateway Viruses - Top Viruses Blocked: January 11, 201X - January 17, 201X
Gateway Viruses
Virus Action Events
1 Neshta.A_36 (Virus). Blocked 2412 (Cloud Id: 22088276) Agent.FL (Trojan). Blocked 933 CVE--2015-0313.A (Exploit). Blocked 34 Encrypted Zipped File. Blocked 25 C99Shell.F (Trojan). Blocked 2
Total: 341
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
14 Powered By
Attacks - Top Attempts: January 11, 201X - January 17, 201X
Attacks
Attack Events
1 Possible port scan detected 1,3442 Probable port scan detected 4653 Possible SYN Flood on IF X0 - from machine xx:xx:56:99:62:e0 with SYN rate of 1/sec has ceased 3774 IP spoof dropped 2475 Possible SYN Flood on IF X0 - from machine xx:xx:56:99:62:e0 with SYN rate of 0/sec has ceased 161
Total: 2,594
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
15 Powered By
Attacks - Top Targets: January 11, 201X - January 17, 201X
Targets
Target IP Target Host Events
1 1 1 2,6272 108.13.229.78 static-108-13-229-78.lsanca.fios.verizon.net 1,3403 172.17.17.7 3864 164.67.62.194 tick.ucla.edu 1635 164.67.62.194 tick.ucla.edu 154
Total: 4,670
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain
16 Powered By
Attacks - Top Initiators: January 11, 201X - January 17, 201X
Initiators
Initiator IP Initiator Host User Events
1 1 1 1 2,6272 216.115.97.236 l1.ycs.vip.lax.yahoo.com 5633 108.13.229.78 static-108-13-229-78.lsanca.fios.
verizon.net317
4 192.168.14.3 2205 216.115.97.236 l1.ycs.vip.lax.yahoo.com 99
Total: 3,826
• Report generated for timezone: Pacific Standard Time• Report owner: System@LocalDomain