Date post: 17-Apr-2018
Upload: dinhkiet
Sensitive information has been removed from tables and charts in this sample report.

FortiAnalyzer Report Example

Table of Contents

- ANTIVIRUS
  - TOP VIRUSES
  - TOP VIRUSES FOR MOST COMMON DESTINATIONS (IP)
  - TOP VIRUSES FOR MOST COMMON SOURCES
- INTRUSION
  - TOP ATTACKS
  - TOP ATTACKS PER TRAFFIC DIRECTION
  - TOP ATTACK DESTINATIONS
  - TOP ATTACK SOURCES
- WEBFILTER
  - TOP ALLOWED CATEGORIES FOR MOST ACTIVE USERS
  - TOP BLOCKED CATEGORIES FOR MOST ACTIVE BLOCKED USERS
- MAILFILTER
  - TOP SPAM SOURCES WITH BLOCKING CRITERIA BREAKDOWN

Antivirus

fgt-antivirus

Top Viruses

The most frequently detected viruses over the reporting period.

| Virus Name | Events | % of Total |
|---|---|---|
| HTML/Banker.BOA!phish | 25 | 26.60 |
| W32/Buzus.011E!tr | 12 | 12.77 |
| JS/Crypted.AG!tr.dldr | 9 | 9.57 |
| JS/Agent.GMF!tr.dldr | 8 | 8.51 |
| Riskware/MyWebSearch | 5 | 5.32 |
| Riskware/NetCat | 4 | 4.26 |
| Suspicious | 4 | 4.26 |
| Riskware/ShopAtHomeSelect | 3 | 3.19 |
| W32/Toolbar_fam.NB | 3 | 3.19 |
| W32/Dropper!tr | 2 | 2.13 |
| Android/NewyearL.B | 2 | 2.13 |
| Adware/Hotbar | 2 | 2.13 |
| Others | 15 | 15.96 |
| Total | 94 | 100.00 |

Top Viruses for Most Common Destinations (IP)

The most frequent virus destinations over the reporting period, broken down by virus name.

| Destination | Virus Name | Events | % of Subtotal |
|---|---|---|---|
| | HTML/Banker.BOA!phish | 11 | 100.00 |
| | Subtotal | 11 | 11.70 |
| | JS/Crypted.AG!tr.dldr | 9 | 90.00 |
| | JS/JScript.AG!tr.dldr | 1 | 10.00 |
| | Subtotal | 10 | 10.64 |
| | W32/Buzus.011E!tr | 10 | 100.00 |
| | Subtotal | 10 | 10.64 |
| | HTML/Banker.BOA!phish | 9 | 100.00 |
| | Subtotal | 9 | 9.57 |
| | JS/Agent.GMF!tr.dldr | 6 | 100.00 |
| | Subtotal | 6 | 6.38 |
| | W32/Injector.DBAY!tr | 1 | 20.00 |
| | W32/Injector.CYTT!tr | 1 | 20.00 |
| | W32/Injector.CJFC!tr | 1 | 20.00 |
| | W32/Zbot.BJG!tr | 1 | 20.00 |
| | W32/CTH!tr.dldr | 1 | 20.00 |
| | Subtotal | 5 | 5.32 |
| | HTML/Banker.BOA!phish | 5 | 100.00 |
| | Subtotal | 5 | 5.32 |
| | W32/Dropper!tr | 2 | 66.67 |
| | W32/Zbot.YW!tr | 1 | 33.33 |
| | Subtotal | 3 | 3.19 |
| | Riskware/ShopAtHomeSelect | 3 | 100.00 |
| | Subtotal | 3 | 3.19 |
| | W32/Buzus.011E!tr | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| | JS/Agent.GMF!tr.dldr | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| | Riskware/NetCat | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| Others | | 26 | 27.66 |
| Total | | 94 | 100.00 |

Top Viruses for Most Common Sources

The most frequent sources of virus over the reporting period, broken down by virus name.

| Source | Virus Name | Events | % of Subtotal |
|---|---|---|---|
| | HTML/Banker.BOA!phish | 13 | 100.00 |
| | Subtotal | 13 | 13.83 |
| | JS/Crypted.AG!tr.dldr | 9 | 90.00 |
| | JS/JScript.AG!tr.dldr | 1 | 10.00 |
| | Subtotal | 10 | 10.64 |
| | JS/Agent.GMF!tr.dldr | 6 | 100.00 |
| | Subtotal | 6 | 6.38 |
| | Riskware/NetCat | 4 | 100.00 |
| | Subtotal | 4 | 4.26 |
| | W32/Injector.DBAY!tr | 1 | 25.00 |
| | W32/Injector.CYTT!tr | 1 | 25.00 |
| | W32/Injector.CJFC!tr | 1 | 25.00 |
| | W32/Zbot.BJG!tr | 1 | 25.00 |
| | Subtotal | 4 | 4.26 |
| | W32/Dropper!tr | 2 | 66.67 |
| | W32/Zbot.YW!tr | 1 | 33.33 |
| | Subtotal | 3 | 3.19 |
| | HTML/Banker.BOA!phish | 3 | 100.00 |
| | Subtotal | 3 | 3.19 |
| | HTML/Banker.BOA!phish | 3 | 100.00 |
| | Subtotal | 3 | 3.19 |
| | JS/Agent.GMF!tr.dldr | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| | W32/Buzus.011E!tr | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| | Android/NewyearL.B | 2 | 100.00 |
| | Subtotal | 2 | 2.13 |
| | W32/Toolbar_fam.NB | 1 | 50.00 |
| | Adware/Hotbar | 1 | 50.00 |
| | Subtotal | 2 | 2.13 |
| Others | | 40 | 42.55 |
| Total | | 94 | 100.00 |

Intrusion

fgt-intrusion

Top Attacks

The most frequently detected attack types over the reporting period.

| Attack ID | Description Detail | Events | % of Total |
|---|---|---|---|
| 16777321 | http://www.fortinet.com/ids/ID16777321 | 7170108651540 | 94.25 |
| 100663402 | http://www.fortinet.com/ids/ID100663402 | 236140872588 | 3.10 |
| 285212772 | http://www.fortinet.com/ids/ID285212772 | 160679755668 | 2.11 |
| 285212775 | http://www.fortinet.com/ids/ID285212775 | 16685795392 | 0.22 |
| 16777320 | http://www.fortinet.com/ids/ID16777320 | 13905048612 | 0.18 |
| 100663409 | http://www.fortinet.com/ids/ID100663409 | 9619476538 | 0.13 |
| 100663398 | http://www.fortinet.com/ids/ID100663398 | 1984187 | 0.00 |
| 8912901 | http://www.fortinet.com/ids/ID8912901 | 933228 | 0.00 |
| 285212773 | http://www.fortinet.com/ids/ID285212773 | 185974 | 0.00 |
| 16777316 | http://www.fortinet.com/ids/ID16777316 | 113963 | 0.00 |
| 15995 | http://www.fortinet.com/ids/ID15995 | 3281 | 0.00 |
| 285212776 | http://www.fortinet.com/ids/ID285212776 | 2692 | 0.00 |
| Others | | 4590 | 0.00 |
| Total | | 7607142828253 | 100.00 |

Top Attacks per Traffic Direction

The number of attacks over the reporting period, broken down by direction and attack ID.

| Attack Direction | Attack ID | Description Detail | Events | % of Subtotal |
|---|---|---|---|---|
| External | 16777321 | http://www.fortinet.com/ids/ID16777321 | 3749689204536 | 90.11 |
| | 100663402 | http://www.fortinet.com/ids/ID100663402 | 233359898980 | 5.61 |
| | 285212772 | http://www.fortinet.com/ids/ID285212772 | 160323481426 | 3.85 |
| | Others | | 17965707616 | 0.43 |
| | Subtotal | | 4161338292558 | 54.70 |
| Incoming | 16777321 | http://www.fortinet.com/ids/ID16777321 | 2739252886648 | 100.00 |
| | 16777320 | http://www.fortinet.com/ids/ID16777320 | 4658 | 0.00 |
| | 109314056 | http://www.fortinet.com/ids/ID109314056 | 584 | 0.00 |
| | Others | | 221 | 0.00 |
| | Subtotal | | 2739252892111 | 36.01 |
| Internal | 16777321 | http://www.fortinet.com/ids/ID16777321 | 681166560356 | 96.46 |
| | 285212775 | http://www.fortinet.com/ids/ID285212775 | 16685795392 | 2.36 |
| | 16777320 | http://www.fortinet.com/ids/ID16777320 | 5561932631 | 0.79 |
| | Others | | 2781076908 | 0.39 |
| | Subtotal | | 706195365287 | 9.28 |
| Outgoing | 285212772 | http://www.fortinet.com/ids/ID285212772 | 356274242 | 100.00 |
| | 285212773 | http://www.fortinet.com/ids/ID285212773 | 3869 | 0.00 |
| | 107937793 | http://www.fortinet.com/ids/ID107937793 | 109 | 0.00 |
| | Others | | 77 | 0.00 |
| | Subtotal | | 356278297 | 0.00 |
| Total | | | 7607142828253 | 100.00 |

Top Attack Destinations

The most frequently attacked destinations over the reporting period.

| Destination | Events | % of Total |
|---|---|---|
| | 211983177891 | 2.79 |
| | 199302490520 | 2.62 |
| | 166857899040 | 2.19 |
| | 152026085792 | 2.00 |
| | 151099097464 | 1.99 |
| | 139975237528 | 1.84 |
| | 130705354248 | 1.72 |
| | 124216435952 | 1.63 |
| | 118654505984 | 1.56 |
| | 105676669392 | 1.39 |
| | 98260762768 | 1.29 |
| | 73233695832 | 0.96 |
| Others | 5935151415842 | 78.02 |
| Total | 7607142828253 | 100.00 |

Top Attack Sources

The most frequent sources of attacks over the reporting period.

| Source | Events | % of Total |
|---|---|---|
| | 5535047306488 | 72.76 |
| | 962235142704 | 12.65 |
| | 425487960344 | 5.59 |
| | 247610598190 | 3.25 |
| | 204864559016 | 2.69 |
| | 52667280036 | 0.69 |
| | 25295471182 | 0.33 |
| | 24582922698 | 0.32 |
| | 12113324228 | 0.16 |
| | 2780972824 | 0.04 |
| | 2493919694 | 0.03 |
| | 2493919694 | 0.03 |
| Others | 109469451155 | 1.44 |
| Total | 7607142828253 | 100.00 |

Webfilter

fgt-webfilter

Top Allowed Categories for Most Active Users

The sources with the most allowed web page requests over the reporting period, broken down by category.

| User | Category | Events | % of Subtotal |
|---|---|---|---|
| | News and Media | 213302 | 46.50 |
| | Search Engines | 117376 | 25.59 |
| | Information Technology | 63550 | 13.85 |
| | Reference | 56662 | 12.35 |
| | Content Servers | 7833 | 1.71 |
| | Subtotal | 458723 | 1.86 |
| | Information Technology | 375946 | 100.00 |
| | Subtotal | 375946 | 1.52 |
| | Finance and Banking | 197904 | 88.44 |
| | Personal Storage | 10883 | 4.86 |
| | News and Media | 3298 | 1.47 |
| | Search Engines | 2796 | 1.25 |
| | Advertising | 2075 | 0.93 |
| | Information Technology | 1549 | 0.69 |
| | Content Servers | 1100 | 0.49 |
| | Government and Legal Organizations | 1006 | 0.45 |
| | Multimedia Download | 619 | 0.28 |
| | Freeware Downloads | 532 | 0.24 |
| | Business | 447 | 0.20 |
| | Miscellaneous | 295 | 0.13 |
| | Others | 1258 | 0.56 |
| | Subtotal | 223762 | 0.91 |
| | Information Technology | 142752 | 100.00 |
| | Subtotal | 142752 | 0.58 |
| | News and Media | 95795 | 78.11 |
| | Advertising | 11214 | 9.14 |
| | Information Technology | 5850 | 4.77 |
| | Business | 3977 | 3.24 |
| | Content Servers | 2638 | 2.15 |
| | Reference | 1958 | 1.60 |
| | Health and Wellness | 329 | 0.27 |
| | Search Engines | 262 | 0.21 |
| | Arts and Entertainment | 222 | 0.18 |
| | Miscellaneous | 215 | 0.18 |
| | Unrated | 52 | 0.04 |
| | Shopping and Auction | 35 | 0.03 |
| | Others | 90 | 0.07 |
| | Subtotal | 122637 | 0.50 |
| | Information Technology | 89890 | 97.78 |
| | Search Engines | 2009 | 2.19 |
| | Freeware Downloads | 34 | 0.04 |
| | Subtotal | 91933 | 0.37 |
| | Business | 59208 | 64.74 |
| | Content Servers | 9965 | 10.90 |
| | Information Technology | 8382 | 9.17 |
| | Shopping and Auction | 2524 | 2.76 |
| | News and Media | 2181 | 2.38 |
| | Search Engines | 1944 | 2.13 |
| | Society and Lifestyles | 1243 | 1.36 |
| | Government and Legal Organizations | 1045 | 1.14 |
| | Arts and Entertainment | 1027 | 1.12 |
| | Health and Wellness | 976 | 1.07 |
| | Education | 680 | 0.74 |
| | Sports | 618 | 0.68 |
| | Others | 1655 | 1.81 |
| | Subtotal | 91448 | 0.37 |
| | Advertising | 33233 | 36.94 |
| | Information Technology | 18673 | 20.76 |
| | Internet Radio and TV | 12610 | 14.02 |
| | Business | 9917 | 11.02 |
| | Content Servers | 5610 | 6.24 |
| | Search Engines | 2642 | 2.94 |
| | Miscellaneous | 2520 | 2.80 |
| | Arts and Entertainment | 661 | 0.73 |
| | Shopping and Auction | 660 | 0.73 |
| | Multimedia Download | 587 | 0.65 |
| | Newsgroups and Message Boards | 537 | 0.60 |
| | Unrated | 528 | 0.59 |
| | Others | 1778 | 1.98 |
| | Subtotal | 89956 | 0.36 |
| | Information Technology | 25711 | 29.11 |
| | Advertising | 11541 | 13.07 |
| | Games | 10070 | 11.40 |
| | Content Servers | 8218 | 9.30 |
| | Internet Radio and TV | 5785 | 6.55 |
| | Multimedia Download | 4071 | 4.61 |
| | Search Engines | 3421 | 3.87 |
| | Business | 3030 | 3.43 |
| | Personal Relationships | 2474 | 2.80 |
| | Shopping and Auction | 2053 | 2.32 |
| | Weapons | 1897 | 2.15 |
| | News and Media | 1795 | 2.03 |
| | Others | 8260 | 9.35 |
| | Subtotal | 88326 | 0.36 |
| | News and Media | 72588 | 84.82 |
| | Reference | 2886 | 3.37 |
| | Advertising | 2824 | 3.30 |
| | Information Technology | 2461 | 2.88 |
| | Content Servers | 1016 | 1.19 |
| | Search Engines | 940 | 1.10 |
| | Business | 754 | 0.88 |
| | Shopping and Auction | 598 | 0.70 |
| | Culture | 191 | 0.22 |
| | Digital Postcards | 171 | 0.20 |
| | Internet Radio and TV | 166 | 0.19 |
| | Restaurant and Dining | 165 | 0.19 |
| | Others | 820 | 0.96 |
| | Subtotal | 85580 | 0.35 |
| | Information Technology | 18128 | 22.62 |
| | Content Servers | 9177 | 11.45 |
| | Search Engines | 8381 | 10.46 |
| | Advertising | 8178 | 10.20 |
| | Business | 5153 | 6.43 |
| | News and Media | 4686 | 5.85 |
| | Shopping and Auction | 3871 | 4.83 |
| | Internet Radio and TV | 3202 | 4.00 |
| | Reference | 2845 | 3.55 |
| | Restaurant and Dining | 2051 | 2.56 |
| | Multimedia Download | 2020 | 2.52 |
| | Sports | 1933 | 2.41 |
| | Others | 10519 | 13.13 |
| | Subtotal | 80144 | 0.32 |
| | Sports | 18398 | 23.17 |
| | Advertising | 15897 | 20.02 |
| | Information Technology | 14425 | 18.17 |
| | Search Engines | 10482 | 13.20 |
| | Content Servers | 5278 | 6.65 |
| | News and Media | 2204 | 2.78 |
| | Unrated | 2192 | 2.76 |
| | Reference | 1789 | 2.25 |
| | Business | 1731 | 2.18 |
| | Health and Wellness | 1126 | 1.42 |
| | Web-based Email | 1023 | 1.29 |
| | Instant Messaging | 671 | 0.85 |
| | Others | 4179 | 5.26 |
| | Subtotal | 79395 | 0.32 |
| Others | | 22776074 | 92.19 |
| Total | | 24706676 | 100.00 |

Top Blocked Categories for Most Active Blocked Users

The sources with the most blocked web page requests over the reporting period, broken down by category.

| User | Category | Events | % of Subtotal |
|---|---|---|---|
| | Instant Messaging | 214569 | 98.92 |
| | Personal Relationships | 1758 | 0.81 |
| | Personal Storage | 244 | 0.11 |
| | Games | 193 | 0.09 |
| | Personal Websites | 141 | 0.07 |
| | Web Chat | 10 | 0.00 |
| | Malware | 3 | 0.00 |
| | Freeware Downloads | 2 | 0.00 |
| | Internet Telephony | 2 | 0.00 |
| | Subtotal | 216922 | 12.22 |
| | Instant Messaging | 213282 | 99.38 |
| | Personal Relationships | 761 | 0.35 |
| | Personal Storage | 307 | 0.14 |
| | Games | 246 | 0.11 |
| | Personal Websites | 15 | 0.01 |
| | Spyware | 2 | 0.00 |
| | Internet Telephony | 1 | 0.00 |
| | Subtotal | 214614 | 12.09 |
| | Personal Websites | 202322 | 99.94 |
| | Malware | 81 | 0.04 |
| | Advertising | 30 | 0.01 |
| | Pornography | 4 | 0.00 |
| | Internet Telephony | 4 | 0.00 |
| | Shopping and Auction | 2 | 0.00 |
| | Personal Relationships | 1 | 0.00 |
| | Subtotal | 202444 | 11.40 |
| | Personal Websites | 141866 | 99.86 |
| | Advertising | 114 | 0.08 |
| | Freeware Downloads | 41 | 0.03 |
| | Shopping and Auction | 31 | 0.02 |
| | Multimedia Download | 8 | 0.01 |
| | Personal Storage | 2 | 0.00 |
| | Personal Relationships | 1 | 0.00 |
| | Subtotal | 142063 | 8.00 |
| | Advertising | 34322 | 99.92 |
| | Freeware Downloads | 13 | 0.04 |
| | Games | 9 | 0.03 |
| | Instant Messaging | 2 | 0.01 |
| | Personal Storage | 2 | 0.01 |
| | Internet Radio and TV | 1 | 0.00 |
| | Multimedia Download | 1 | 0.00 |
| | Personal Relationships | 1 | 0.00 |
| | Subtotal | 34351 | 1.93 |
| | Instant Messaging | 17435 | 88.26 |
| | Personal Relationships | 1549 | 7.84 |
| | Games | 508 | 2.57 |
| | Personal Storage | 187 | 0.95 |
| | Personal Websites | 36 | 0.18 |
| | Freeware Downloads | 13 | 0.07 |
| | Web Chat | 13 | 0.07 |
| | Internet Telephony | 12 | 0.06 |
| | Malware | 2 | 0.01 |
| | Subtotal | 19755 | 1.11 |
| | Personal Relationships | 7974 | 51.13 |
| | Instant Messaging | 5135 | 32.93 |
| | Personal Storage | 1429 | 9.16 |
| | Personal Websites | 479 | 3.07 |
| | Games | 248 | 1.59 |
| | Freeware Downloads | 189 | 1.21 |
| | Internet Telephony | 95 | 0.61 |
| | Adult Materials | 23 | 0.15 |
| | Weapons | 16 | 0.10 |
| | Spyware | 6 | 0.04 |
| | Malware | 1 | 0.01 |
| | Subtotal | 15595 | 0.88 |
| | Internet Radio and TV | 11758 | 99.72 |
| | Advertising | 31 | 0.26 |
| | Games | 2 | 0.02 |
| | Subtotal | 11791 | 0.66 |
| | Games | 7013 | 70.44 |
| | Personal Relationships | 1770 | 17.78 |
| | Instant Messaging | 353 | 3.55 |
| | Personal Websites | 335 | 3.36 |
| | Personal Storage | 318 | 3.19 |
| | Freeware Downloads | 51 | 0.51 |
| | Hacking | 43 | 0.43 |
| | Proxy Avoidance | 28 | 0.28 |
| | Illegal or Unethical | 14 | 0.14 |
| | Pornography | 8 | 0.08 |
| | Malware | 7 | 0.07 |
| | Gambling | 4 | 0.04 |
| | Others | 12 | 0.12 |
| | Subtotal | 9956 | 0.56 |
| | Games | 4448 | 45.66 |
| | Personal Relationships | 3096 | 31.78 |
| | Personal Storage | 715 | 7.34 |
| | Internet Telephony | 590 | 6.06 |
| | Instant Messaging | 316 | 3.24 |
| | Personal Websites | 242 | 2.48 |
| | Freeware Downloads | 220 | 2.26 |
| | Adult Materials | 43 | 0.44 |
| | Web Chat | 43 | 0.44 |
| | Spyware | 9 | 0.09 |
| | Folklore | 6 | 0.06 |
| | Pornography | 4 | 0.04 |
| | Others | 10 | 0.10 |
| | Subtotal | 9742 | 0.55 |
| | Advertising | 6294 | 67.98 |
| | Sports | 930 | 10.04 |
| | Multimedia Download | 922 | 9.96 |
| | Freeware Downloads | 918 | 9.91 |
| | Instant Messaging | 147 | 1.59 |
| | Personal Relationships | 21 | 0.23 |
| | Job Search | 10 | 0.11 |
| | Personal Websites | 8 | 0.09 |
| | Shopping and Auction | 6 | 0.06 |
| | Internet Telephony | 3 | 0.03 |
| | Subtotal | 9259 | 0.52 |
| | Personal Storage | 8185 | 92.05 |
| | Personal Relationships | 692 | 7.78 |
| | Multimedia Download | 12 | 0.13 |
| | Games | 2 | 0.02 |
| | Internet Radio and TV | 1 | 0.01 |
| | Subtotal | 8892 | 0.50 |
| Others | | 880388 | 49.58 |
| Total | | 1775772 | 100.00 |

Mailfilter

fgt-mailfilter

Top Spam Sources with Blocking Criteria Breakdown

The spammers that sent the most spam emails over the reporting period, broken down by blocking criteria.

| Sender | Block Criteria | Events | % of Subtotal |
|---|---|---|---|
| | FortiGuard block | 663 | 100.00 |
| | Subtotal | 663 | 0.39 |
| | FortiGuard block | 242 | 100.00 |
| | Subtotal | 242 | 0.14 |
| | FortiGuard block | 292 | 100.00 |
| | Subtotal | 292 | 0.17 |
| | FortiGuard block | 258 | 100.00 |
| | Subtotal | 258 | 0.15 |
| | FortiGuard block | 230 | 100.00 |
| | Subtotal | 230 | 0.14 |
| | FortiGuard block | 228 | 100.00 |
| | Subtotal | 228 | 0.13 |
| | FortiGuard block | 227 | 100.00 |
| | Subtotal | 227 | 0.13 |
| | FortiGuard block | 225 | 100.00 |
| | Subtotal | 225 | 0.13 |
| | FortiGuard block | 224 | 100.00 |
| | Subtotal | 224 | 0.13 |
| | FortiGuard block | 221 | 100.00 |
| | Subtotal | 221 | 0.13 |
| | FortiGuard block | 218 | 100.00 |
| | Subtotal | 218 | 0.13 |
| | FortiGuard block | 214 | 100.00 |
| | Subtotal | 214 | 0.13 |
| Others | | 165771 | 98.01 |
| Total | | 169134 | 100.00 |
