FortiCWP Traffic is an intuitive graphical interface allowing you to interact with all types of sources accessing the cloud resource thus giving an overall diagnostic of the cloud instance health. Follow the steps below to access Traffic.
- From FortiCWP navigation pane, go to Resource
- For resource types that has traffic enabled (ex. EC2 , RDS instances, etc.), click on Action button and select Traffic.
- An interactive cloud data traffic map will be shown with inbound and outbound traffic of all sources accessing the virtual machine.
- Clicking on the description of the inbound/outbound traffic will show detail of the source that is accessing the virtual machine.,
For example, clicking on the traffic coming from a suspicious IP will give a list of Violated Policies.
Click on the violated policies will show the Traffic Details of the brute force attack on the virtual machine. In this way, the cloud administrator can take remediation quickly against the intrusion.
There are two ways to access traffic feature from Alert page: through Network and Risk Assessment alerts.
- From FortiCWP navigation pane, go to Alert.
- Click on the arrow key > next to a Network type alert.
- In the summary field there will be a link to traffic, click on the traffic link to re-direct to Traffic.
- Locate a Risk Assessment type alert, in the summary field, click on the object to re-direct to the Resource page.
- In the Resource page, click on the Action > Traffic to access traffic feature.