FortiView consoles

FortiView consoles

 

This section describes the following log filter consoles available in FortiView:

  • Sources on page 1160 explains the features of FortiView’s Sources console, and shows how you can investigate an unusual spike in traffic to determine which user is responsible.
  • Destinations on page 1161 explains the features of FortiView’s Destinations console and shows how you can access detailed information on user destination-accessing through the use of drill down functionality.
  • Interfaces on page 1161 explains the number of interfaces connected to your network, how many sessions there are in each interface, and what sort of traffic is occurring.
  • Policies on page 1162 explains what policies are in affect on your network, what their source and destination interfaces are, how many sessions are in each policy, and what sort of traffic is occurring.
  • Countries on page 1162 explains and graphically displays network activity by geographic region.
  • WiFi Clients on page 1164 shows a list of all the devices connected to the WLAN.
  • All Sessions on page 1164 explains the features of FortiView’s All Sessions console and shows how you can filter sessions by port number and application type.
  • Applications on page 1165 explains the features of FortiView’s Applications console and shows how you can view what sort of applications their employees are using.
  • Cloud Applications on page 1165 explains the features of FortiView’s Cloud Applications console and shows how you can drill down to access detailed data on cloud application usage, e.g. YouTube.
  • Web Sites on page 1166 explains the features of FortiView’s Web Sites console and shows how you can investigate instances of proxy avoidance which is the use of a proxy site in order to access data that might otherwise be blocked by the server.
  • Threats on page 1167 explains the features of FortiView’s Threats console and shows how you can monitor threats to the network, both in terms of their Threat Score and Threat Level.
  • Threat Map on page 1168 explains the features of Fortiview’s Threat Map console which provides a geographical display of threats, in realtime, from international sources as they arrive at your FortiGate.
  • Failed Authentication on page 1169 explains instances in which users attempted to connect to the server but were unsuccessful.
  • System Events on page 1169 explains security events detected by FortiOS, providing a name and description for the events, an assessment of the event’s severity level, and the number of instances the events were detected.
  • Admin Logins on page 1170 explains information on administrator interactions with the network, including the number of login instances, number of failed logins, and the length of time logged in.
  • VPN on page 1170 explains how users can access information on any VPNs associated with their FortiGate.
This entry was posted in FortiOS 5.4 Handbook and tagged , , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.