Requests / 1h
142,380
↑ +8.2% from last hour
Blocked Requests
1,247
0.87% of total traffic
Active Devices
384
of 412 enrolled
DNS Queries / 1h
2.1M
Gateway resolver healthy
Policy Violations
23
↑ 5 new in last 30 min
Gateway Access Logs
● LIVE
| Time | Identity | Source IP | Destination | Action |
|---|---|---|---|---|
| 11:47:08 | [email protected] | 192.168.12.44 | soc.onesecuritydivision.com | ALLOW |
| 11:47:05 | — | 45.79.110.22 | soc.onesecuritydivision.com/admin | BLOCK |
| 11:47:01 | [email protected] | 192.168.3.102 | pastebin.com | WARN |
| 11:46:58 | soc-admin | 10.0.1.5 | ssh://infra-db-prod-01 | ALLOW |
| 11:46:52 | — | 179.60.147.3 | hr.onesecuritydivision.com | BLOCK |
| 11:46:47 | [email protected] | 192.168.5.78 | t.me (Telegram) | BLOCK |
| 11:46:40 | [email protected] | 192.168.8.201 | confluence.onesecuritydivision.com | ALLOW |
Threat Detections
4 ACTIVE
Data Exfiltration Attempt
Upload >230 MB to mega.nz · User: [email protected]
SSH Brute Force
172 attempts from 45.79.110.22 → infra-db-prod-01
Policy Violation — Category
Social media access blocked by GW-POLICY-SNS
Unmanaged Device
MAC F4:5C:89:2A:11:BD — no posture record
Device Posture
2 Issues
🪟
OSD-WKS-0041 · budi.santoso
✓ Compliant
🍎
OSD-MBP-0018 · dewi.rahma
⚠ OS Outdated
🐧
OSD-SRV-DB01 · production
✓ Compliant
📱
Unknown · F4:5C:89:2A:11:BD
✕ Not Enrolled
Gateway Policies
5 Active
Block Social Media
scope: all-users · DNS + HTTP inspect
ZTNA — Internal Apps Only
scope: contractor-group
Block File Upload to Cloud Storage
scope: all-users · HTTP TLS inspect
SSH via Cloudflare Tunnel
scope: soc-admin-group
Require Device Posture Check
scope: all-users — DISABLED
DNS Gateway — Top Blocked Domains
| Domain | Category | Hits | Action |
|---|---|---|---|
| t.me | Messaging App | 382 | BLOCK |
| mega.nz | File Sharing | 247 | BLOCK |
| instagram.com | Social Media | 201 | BLOCK |
| pastebin.com | Suspicious | 44 | WARN |
| malware-c2.xyz | Known Malware C2 | 3 | BLOCK |
| coinminer.ru | Cryptominer | 1 | BLOCK |