Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Administration Guide

Security Monitor

The Security Monitor dashboard includes the following widgets:

Top Threat Destinations

A world map showing the highest network traffic. Hover the cursor over data points to see the source device and IP address, destination IP address and country, threat level, and the number of incidents (blocked and allowed).

Top Threat

The top threats to your network. Hover the cursor over data points to see the threat, category, threat level, threat score (blocked and allowed), and the number of incidents (blocked and allowed).

The following incidents are considered threats:

  • Risk applications detected by application control
  • Intrusion incidents detected by IPS
  • Malicious web sites detected by web filtering
  • Malware/botnets detected by antivirus

Top Applications

The top applications used on the network. Hover the cursor over data points to see the application name, risk level, category, sessions (blocked and allowed), and bytes (sent and received).

Top Endpoint Vulnerabilities

Vulnerability information about FortiClient endpoints. Hover the cursor over data points to see the vulnerability count (critical, high, medium, and low), source IP address and device, and category.

Top Sources

The highest network traffic by source IP address and interface, sessions (blocked and allowed), threat score (blocked and allowed), and bytes (sent and received).

Top Countries

The highest network traffic by country, sessions (blocked and allowed), and bytes (sent and received). You can display this widget as a treemap chart, bubble chart, or bar chart; sorted by bandwidth or the number of sessions.

Top Dialup VPN

A world map showing the users accessing the network using SSL or IPsec over a VPN tunnel. Hover the cursor over data points to see the user name or IP address, connected from IP address and country, connection time and duration, and bytes (sent and received).

VPN Site-to-Site

A world map showing the names of VPN tunnels with Internet protocol security (IPsec) that are accessing the network. Hover the cursor over data points to see the site-to-site IPsec tunnel, connected from and to IP address (including city and country if available), duration, and bytes (sent and received).

FortiSandbox - Scanning Statistics

The number of files scanned by FortiSandbox. This chart shows the files by type: malicious, suspicious, clean, and others. Hover the cursor over data points to see the number of files of each type.

FortiSandbox - Top Malicious & Suspicious File Users

Users or IP addresses that have the highest number of malicious and suspicious files detected by FortiSandbox. This chart shows the username and avatar if it’s available, otherwise it shows the IP address. Hover the cursor over data points to see the number of files.

Security Monitor

The Security Monitor dashboard includes the following widgets:

Top Threat Destinations

A world map showing the highest network traffic. Hover the cursor over data points to see the source device and IP address, destination IP address and country, threat level, and the number of incidents (blocked and allowed).

Top Threat

The top threats to your network. Hover the cursor over data points to see the threat, category, threat level, threat score (blocked and allowed), and the number of incidents (blocked and allowed).

The following incidents are considered threats:

  • Risk applications detected by application control
  • Intrusion incidents detected by IPS
  • Malicious web sites detected by web filtering
  • Malware/botnets detected by antivirus

Top Applications

The top applications used on the network. Hover the cursor over data points to see the application name, risk level, category, sessions (blocked and allowed), and bytes (sent and received).

Top Endpoint Vulnerabilities

Vulnerability information about FortiClient endpoints. Hover the cursor over data points to see the vulnerability count (critical, high, medium, and low), source IP address and device, and category.

Top Sources

The highest network traffic by source IP address and interface, sessions (blocked and allowed), threat score (blocked and allowed), and bytes (sent and received).

Top Countries

The highest network traffic by country, sessions (blocked and allowed), and bytes (sent and received). You can display this widget as a treemap chart, bubble chart, or bar chart; sorted by bandwidth or the number of sessions.

Top Dialup VPN

A world map showing the users accessing the network using SSL or IPsec over a VPN tunnel. Hover the cursor over data points to see the user name or IP address, connected from IP address and country, connection time and duration, and bytes (sent and received).

VPN Site-to-Site

A world map showing the names of VPN tunnels with Internet protocol security (IPsec) that are accessing the network. Hover the cursor over data points to see the site-to-site IPsec tunnel, connected from and to IP address (including city and country if available), duration, and bytes (sent and received).

FortiSandbox - Scanning Statistics

The number of files scanned by FortiSandbox. This chart shows the files by type: malicious, suspicious, clean, and others. Hover the cursor over data points to see the number of files of each type.

FortiSandbox - Top Malicious & Suspicious File Users

Users or IP addresses that have the highest number of malicious and suspicious files detected by FortiSandbox. This chart shows the username and avatar if it’s available, otherwise it shows the IP address. Hover the cursor over data points to see the number of files.