Who is Office of The CISO? - How to Get Into Cybersecurity - What is a Chief Information Security Officer?
What is a SOC Analyst?
This section describes the following log filter consoles available in FortiView:
- Sources on page 1160 explains the features of FortiView’s Sources console, and shows how you can investigate an unusual spike in traffic to determine which user is responsible.
- Destinations on page 1161 explains the features of FortiView’s Destinations console and shows how you can access detailed information on user destination-accessing through the use of drill down functionality.
- Interfaces on page 1161 explains the number of interfaces connected to your network, how many sessions there are in each interface, and what sort of traffic is occurring.
- Policies on page 1162 explains what policies are in affect on your network, what their source and destination interfaces are, how many sessions are in each policy, and what sort of traffic is occurring.
- Countries on page 1162 explains and graphically displays network activity by geographic region.
- WiFi Clients on page 1164 shows a list of all the devices connected to the WLAN.
- All Sessions on page 1164 explains the features of FortiView’s All Sessions console and shows how you can filter sessions by port number and application type.
- Applications on page 1165 explains the features of FortiView’s Applications console and shows how you can view what sort of applications their employees are using.
- Cloud Applications on page 1165 explains the features of FortiView’s Cloud Applications console and shows how you can drill down to access detailed data on cloud application usage, e.g. YouTube.
- Web Sites on page 1166 explains the features of FortiView’s Web Sites console and shows how you can investigate instances of proxy avoidance which is the use of a proxy site in order to access data that might otherwise be blocked by the server.
- Threats on page 1167 explains the features of FortiView’s Threats console and shows how you can monitor threats to the network, both in terms of their Threat Score and Threat Level.
- Threat Map on page 1168 explains the features of Fortiview’s Threat Map console which provides a geographical display of threats, in realtime, from international sources as they arrive at your FortiGate.
- Failed Authentication on page 1169 explains instances in which users attempted to connect to the server but were unsuccessful.
- System Events on page 1169 explains security events detected by FortiOS, providing a name and description for the events, an assessment of the event’s severity level, and the number of instances the events were detected.
- Admin Logins on page 1170 explains information on administrator interactions with the network, including the number of login instances, number of failed logins, and the length of time logged in.
- VPN on page 1170 explains how users can access information on any VPNs associated with their FortiGate.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!
Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos
Cybersecurity Videos and Training Available Via: Office of The CISO Security Training Videos