Monitor Outbound Network Traffic

Applies To: WatchGuard Advanced Reporting Tool

To minimize the attack surface and avoid exfiltration of data, it is important to know the external ports that outgoing traffic is sent to. Use the Outbound Network Traffic tab to see where data is sent (and received), and to identify possible data breaches and compromised systems.

Screen shot of Advanced Visualization Tool, ART > Data Access Control dashboard

If you do not monitor outgoing traffic on sensitive ports, you could expose your company to potential attacks. We recommend that you close open ports when you do not need them and monitor ports continuously when access is required.

To see outbound network traffic destinations, from the WatchGuard EPDR or WatchGuard EDR managment UI:

  1. In WatchGuard Cloud, select Monitor > Endpoints.
  2. Select Status.
  3. From the left pane, select Advanced Visualization Tool.
    A new browser tab opens.
  4. From the left pane, select Advanced Reporting > Data Access Control.
  5. Select the time period to filter the data on.

Screen shot of Advanced Visualization Tool, date selector

  1. Click Refresh.
    The dashboard shows information for the time period selected.
  2. Select the Outbound Network Traffic tab.
  3. In the Data section, review the Countries with Outbound Connections tile.
    This tile shows information about the volume of data sent from your network to a country. The charts show the absolute and relative amounts of data transferred.
  4. In the Map section, review the highlighted destinations.
    The map shows the destinations where the largest amount of data was sent and helps you to identify abnormal traffic destinations.

Screen shot of Advanced Visualization Tool, ART > Data Access Control map

Related Topics

Data Access Control Dashboard

Monitor User Activity

Monitor Bandwidth-Consuming Application Processes and Users

Monitor the Data Files Accessed