Traffic shaping rules are used to limit the bandwidth for certain users, hosts, services, or applications.
To create a traffic shaping rule, go to the Network policies ➜ Traffic shaping section, click Add, and provide the desired settings.
Name |
Description |
---|---|
Enabled |
Enables or disables the rule. |
Name |
The name of the rule. |
Description |
A description of the rule. |
Bandwidth pools |
Select one of the bandwidth pools. A bandwidth pool can optionally change the priority tags of DSCP traffic. For instructions on how to create more bandwidth pools, see the Bandwidth Pools section. |
Scenario |
The scenario that must be active for the rule to be triggered. For more details on how scenarios work, see the Scenarios section. Important! A scenario is an additional condition. If the scenario was not triggered (one or more scenario triggers did not occur), the rule will not be triggered. |
Logging |
Logs traffic information when the rule is triggered. The available options are:
|
Source |
The zone, IP address lists, Geo-IP address lists, or URL lists of the traffic source. The URL list must include only domain names. Every 5 minutes NGFW resolves domain names into IP addresses and stores the result in the internal cache for the DNS record's time-to-live (TTL). When the TTL expires, NGFW automatically updates the IP address value. Important! The maximum number of GeoIPs that can be specified is limited to 15. Important! The traffic processing logic is as follows:
|
Users |
The users or user groups to which this rule will be applied. |
Destination |
The zone, IP address lists, Geo-IP address lists, or URL lists of the traffic destination. The URL list must include only domain names. Every 5 minutes NGFW resolves domain names into IP addresses and stores the result in the internal cache for the DNS record's time-to-live (TTL). When the TTL expires, NGFW automatically updates the IP address value. Important! The maximum number of GeoIPs that can be specified is limited to 15. Important! The traffic processing logic is as follows:
|
Service |
The service type, such as HTTP, HTTPS or other. |
Applications |
The list of applications for which bandwidth needs to be limited. |
Time |
The time when this rule will be active. |