Here's how you traffic shape by APPLICATION type.
Lets say we want to limit social media, specifically facebook.
First, create a traffic shaper. I called it "SOCIAL MEDIA". I set it to a LOW priority and MAX bandwidth of 1000Kbps (1 meg)
Next I created a new traffic shaping policy:
SOURCE/DESTINATION = ALL (apply to all groups)
(set destination to a specific address range if you want to limit it to a certain group of users)
but ALL is a pretty good test!
SERVICE = ALL
Set APPLICATION CATEGORY to "Social Media". Selecting a category just reduces what shows up in the application window to make it easier.
Application = Select all the Facebook ones. When you click in the "Application" drop box, the box of available apps will show up on the right. You can shift click to select a range or certain ones.
URL Category isn't probably necessary, but you can select "SOCIAL NETWORKING"
Outgoing Interface = Your internet connection. Could be WAN1/2 or something, depends on how you configured and named your internet.
SHARED SHAPER & REVERSE SHAPER = both to "SOCIAL MEDIA" (which you created earlier)
Select "OK" at the bottom.
Now click on Policy and Object -> Traffic Shaping Policy
Place it in the list relative to others in the list to ensure its followed.
Now to get this to work, you need to assign "Application Control" setting to each policy that you want this to be used on, and you need to assign an application control policy.
Security Porfiles -> Application Control
Using the Default application sensor for this example
Set "SOCIAL MEDIA" to "MONITOR"
Save those changes, then go to the policy you want this to be applied to and set the Application Control
Move the shaper to an appropriate position in the list. You would need to be weary of other policies that might over ride the one you put in because their position is higher.
Lets say we want to limit social media, specifically facebook.
First, create a traffic shaper. I called it "SOCIAL MEDIA". I set it to a LOW priority and MAX bandwidth of 1000Kbps (1 meg)
Next I created a new traffic shaping policy:
SOURCE/DESTINATION = ALL (apply to all groups)
(set destination to a specific address range if you want to limit it to a certain group of users)
but ALL is a pretty good test!
SERVICE = ALL
Set APPLICATION CATEGORY to "Social Media". Selecting a category just reduces what shows up in the application window to make it easier.
Application = Select all the Facebook ones. When you click in the "Application" drop box, the box of available apps will show up on the right. You can shift click to select a range or certain ones.
URL Category isn't probably necessary, but you can select "SOCIAL NETWORKING"
Outgoing Interface = Your internet connection. Could be WAN1/2 or something, depends on how you configured and named your internet.
SHARED SHAPER & REVERSE SHAPER = both to "SOCIAL MEDIA" (which you created earlier)
Select "OK" at the bottom.
Now click on Policy and Object -> Traffic Shaping Policy
Place it in the list relative to others in the list to ensure its followed.
Now to get this to work, you need to assign "Application Control" setting to each policy that you want this to be used on, and you need to assign an application control policy.
Security Porfiles -> Application Control
Using the Default application sensor for this example
Set "SOCIAL MEDIA" to "MONITOR"
Save those changes, then go to the policy you want this to be applied to and set the Application Control
Move the shaper to an appropriate position in the list. You would need to be weary of other policies that might over ride the one you put in because their position is higher.
No comments:
Post a Comment
Feel free to leave a comment! If you have any information that you think should be included, please do so here and I'll get it added in.