Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 763
  • Last Modified:

How Do I Create An Application Firewall Object For ALL Traffic?

I have a Sonicwall NSA 5000 and I am trying to limit bandwidth for a particular subnet (we do hosting).  I can see with Application Firewall I can limit bandwidth based on Application objects (MP3, HTTP, etc.).  My question is, I don't want to limit it based on type, I want to limit ALL of it - how do I create an Application object that I can use in a policy that encompasses ALL traffic from that subnet?

Thanks!
Chris
0
idealaccount
Asked:
idealaccount
  • 2
1 Solution
 
Ugo MenaCommented:
what you want to do can be achieved with an Address Object for the subnet .. We use this setup to limit the bandwidth available to our VPN client tunnels and it works great.

but before you can start managing your bandwidth you will need to enter your WAN connection speeds within the Network Interfaces/Advanced/Bandwidth Management section (remember here that Ingress is download speed, Egress is upload speed).
Then create an Address Object range for the subnet you would like to limit.
Next from the Firewall/Access Rules section you create a rule for that Address Object with services set to Any... Next, from within the Access Rules/Advanced tab you set the Limit the connections allowed to X (think sessions here, not users)... Then from within the Access Rules/Ethernet Bandwidth Management tab you should Enable EBM and then set your Guaranteed (Min) % and Max % of your WAN's available bandwidth that can be used by that Address Object.

0
 
idealaccountAuthor Commented:
I don't want to limit sessions, though, just total, bandwidth on the interface (per-vlan basically).  I have people paying for specific amounts of bandwidth (we do hosting) so I need to limit it by amount, not session count.
0
 
Ugo MenaCommented:
you dont have to enable connection limiting to use the EBM max and min bandwidth mgmt. leave it unchecked and blank and it will be limiting by bandwidth only.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now