This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Traffic data

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Traffic data

akqaking
L0 Member

‎04-11-2012 01:58 PM

we are on 4.1.4, noticed some very odd traffic data from ACC.

1, some internal traffic happened at 9am - 930am, PA ACC showed it happened at 3pm afternoon.

2. about 35G data from one machine out to the facebook within one hour, but our connection is only 40M, shared with 300 people, I dont think it could send that kind amount data out?

wondering if anyone has the same 'issue'?

Thank you.

0 Likes Likes
2 REPLIES 2

ukhapre
L3 Networker

‎04-16-2012 11:40 AM

Hello, The traffic logs are logged at end of the session. So the entry is logged only after the session was ended which could have taken some time (security policy -> last option 'option' -> Log at session end). Check if you have threat/av profile configured for that rule.

The same could be applicable for internal traffic however the difference seems to be high.

0 Likes Likes

mikand
L6 Presenter
In response to ukhapre

‎04-17-2012 01:33 PM

Still sounds odd...

If you maximize 40Mbit/s to transmit 35GB of data you need approx at least 2hours 5minutes or so do accomplish this.

Even if the PAN logs at session end then the session start for that session should still be correct wouldnt it?

Could it be some NTP who malfunctioned or such?

0 Likes Likes
  • 1735 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks