Countries

Countries

The Countriesconsole displays network activity by geographic region. This console features the same view options as the other consoles, as well as Country Map. This visually highlights the countries from which user access to the network has been detected on a map of the globe.

The Time Display options for this console are 5 minutes, 1 hour, and 24 hours. The Country Map can sort by various options using the Sort By: dropdown menu. You can place your cursor over any country to display a tool-tip with detailed info on that country’s traffic, and click on any country to drill down into greater (filtered) detail. The colour gradiant on the map indicates the traffic load, where red indicates the more critical load.

This console can be filtered by Country, Destination Interface, Policy, Result, and Security Interface. For more on filters, see Filtering options.

Only FortiGate models 100D and above support the 24 hour historical data.

 

Scenario: Investigate international source bandwidth usage

The Countries console can be used to investigate how much bandwidth specific international sources/IP addresses are using:

1. Go to FortiView > Countries to see what and how many countries are currently logged into the corporate network. You can also see how many sessions are taking place in each country, and how much traffic they are generating, shown by bytes sent and received, and total bandwidth usage.

2. To see how much specific bandwidth any particular session is using, drill down into a country, e.g. United States, and select the Destinations drill down option.

3. All current sessions from the United States are now shown in list format. From here you can select either Bytes (Sent/Received) and/or Bandwidth column headers to show which session is generating the most bandwidth, and exactly how much bandwidth is being used.

This entry was posted in FortiOS 5.4 Handbook and tagged , , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.