SAMCO-M370 Executive Summary Report 2023-07-13 06 00 00 to 2023-07-14 06 00 00
advertisement
Executive Summary Report Report generated 2023-07-14 06:00:07 (Asia/Jakarta) Complete Visibility into network traffic and security events boosts efficiency, productivity, and profitability. The summary report provides the business intelligence that you need to support key goals: ♦ Ensure productive use of corporate assets and time throughout the organization. ♦ Audit compliance against acceptable usage policies for Internet usage. ♦ Monitor protection against spyware, malware, and viruses. Page 1 Executive Summary Report Device(s): SAMCO-M370 (192.168.108.30) 801309453C64F From: 2023-07-13 06:00:00 (Asia/Jakarta) To: 2023-07-14 06:00:00 (Asia/Jakarta) Available Reports Top Blocked Attacks Top Clients Top Domains Page 2 Top Blocked Attacks The Intrusion Prevention Service (IPS) provides real-time protection against network threats, including spyware, SQL injections, cross-site scripting, and buffer overflows. Skillful hackers can exploit these vulnerabilities to gain control of computer systems in the network. For example with buffer overflows, the hacker can send input that overflows the allocated memory, enabling them to gain access to the portion of memory where code is executed. Once code is installed, it can be used for theft of company financial data, or botnets could be used to extract company confidential information. This report details the top intrusion attacks that were blocked at the firewall over the reporting period. More details about each intrusion attack are available at the WatchGuard Security Portal (http://www.watchguard.com/SecurityPortal/ThreatDB.aspx) Hits WEB Remote Command Execut... SSL OpenSSL X509_V_FLAG_X... 0 2 4 6 Name Hits WEB Remote Command Execution via Shell Script -1.a 9 SSL OpenSSL X509_V_FLAG_X509_STRICT and signature_algorithms Vu 1 Total: 2 10 Page 3 8 10 Top Clients This report shows the most active endpoints on the network, i.e. the ones that generated the most traffic. When Single Sign-on is implemented at the firewall, the report shows the name of the user associated with the IP address. Bytes Transferred, Hits KB 0 5000 10000 15000 Hits 20000 192.168.108.96 192.168.30.237 192.168.30.26 192.168.108.44 192.168.30.133 192.168.108.103 192.168.30.239 192.168.30.98 192.168.108.128 192.168.108.115 0 20000000 40000000 60000000 80000000 Name Bytes Hits 192.168.108.96 59 GB 1723 192.168.30.237 7 GB 21534 192.168.30.26 6 GB 22666 192.168.108.44 3 GB 2013 192.168.30.133 3 GB 8602 192.168.108.103 2 GB 12622 192.168.30.239 2 GB 3094 192.168.30.98 2 GB 1469 192.168.108.128 2 GB 13746 192.168.108.115 2 GB 4627 Total: 10 87 GB 92096 Page 4 100000000 Top Domains Internet access is an essential requirement for most employees to perform their job functions, but unlimited Internet access can sap productivity and also open the door to inappropriate adult content and sexually explicit images that could put your organization at risk. This report shows the top web domains that were visited over the reporting period. Bytes Transferred, Hits KB 0 10000 20000 Hits 30000 windowsupdate.com microsoft.com apple.com tiktokcdn.com icloud-content.com googleapis.com adobe.com vnecdn.net google.com oneclient.sfx.ms 0 2000000 4000000 6000000 8000000 Name Bytes Hits windowsupdate.com 6 GB 18578 microsoft.com 4 GB 28688 apple.com 4 GB 11744 tiktokcdn.com 3 GB 2474 icloud-content.com 1 GB 330 googleapis.com 1 GB 11671 adobe.com 1 GB 434 vnecdn.net 907 MB 2338 google.com 747 MB 10658 oneclient.sfx.ms 720 MB 148 Total: 10 23 GB 87063 Page 5 10000000
