Number Of Scanned Connections Is Lower Than Listed In Traffic Categories. Any Explanation?

Hi,

I encountered an issue with iOS Web Protection analysis. To operate with numbers for better understanding:

Number of scanned connections: 805
Number of connections by Traffic Categories:

Computers and software: 965
Others: 644
Business: 375
Illegal: 111 (!!)
Browsers: 102
Online shopping: 77
Ads: 61
Travels: 56
Social media: 51
Auto connections: 48
Others (apparently different category): 273

The number of cnnections in the Traffic Category raises all the time, even if I dont visit any website, dont use social media and NO online shopping has been made.

Additionally the category: ILLEGAL puzzles me, as I opened today literally 3 websites, no background apps are opened.

Please advise how I should interpret it, because its puzzling at best and threatening at worse.

Find more posts tagged with

Accepted answers

Alexandru_BD

Hello @MPr,

Here's some insight on this:

Some domains fall into several categories, so the sum of the connections presented in the category section may be higher than the sum of the scanned connections.

The information from the DNS server is sent in batches to the cloud/connect area where it is stored (and then displayed in the app) - sometimes it is not updated instantly.

Even if certain applications are not open / run in the background on the device, they can be woken up by the system at certain times of the day by Push Notifications or other rules programmed in that app where the apps update themselves and can make traffic on the Internet.

I hope the information is helpful.

Regards

All comments

Alexandru_BD

Hello @MPr,

Here's some insight on this:

Some domains fall into several categories, so the sum of the connections presented in the category section may be higher than the sum of the scanned connections.

The information from the DNS server is sent in batches to the cloud/connect area where it is stored (and then displayed in the app) - sometimes it is not updated instantly.

I hope the information is helpful.

Regards

MPr

Thank you for the explanation!

kalixo

If i can add onto this discussion. Would you have any insight on what the "illegal" category means and how it is determined? As MPr stated it is an alarming category to see especially when there are number counts associated with it on a work phone that is hardly used.

Alexandru_BD

Hi @kalixo and thanks for joining the conversation here.

Even though the respective category is called 'illegal', this shouldn't be alarming, as it doesn't necessarily mean that the user is attempting to do illegal things. It means that this category includes the domains that fall into this category, according to content about illegal topics.

Regards

Nauman

@Alexandru_BD is there any way we can get a detail report of computers/sites/apps connected or tried to connect to my system. I am using BD mobile security for iOS

Alexandru_BD

Hello @Nauman,

As far as I'm aware, there isn't such an option.

Regards