Solved

How Do I Create An Application Firewall Object For ALL Traffic?

Posted on 2009-06-30
4
758 Views
Last Modified: 2012-06-27
I have a Sonicwall NSA 5000 and I am trying to limit bandwidth for a particular subnet (we do hosting).  I can see with Application Firewall I can limit bandwidth based on Application objects (MP3, HTTP, etc.).  My question is, I don't want to limit it based on type, I want to limit ALL of it - how do I create an Application object that I can use in a policy that encompasses ALL traffic from that subnet?

Thanks!
Chris
0
Comment
Question by:idealaccount
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 13

Accepted Solution

by:
Ugo Mena earned 125 total points
ID: 24749488
what you want to do can be achieved with an Address Object for the subnet .. We use this setup to limit the bandwidth available to our VPN client tunnels and it works great.

but before you can start managing your bandwidth you will need to enter your WAN connection speeds within the Network Interfaces/Advanced/Bandwidth Management section (remember here that Ingress is download speed, Egress is upload speed).
Then create an Address Object range for the subnet you would like to limit.
Next from the Firewall/Access Rules section you create a rule for that Address Object with services set to Any... Next, from within the Access Rules/Advanced tab you set the Limit the connections allowed to X (think sessions here, not users)... Then from within the Access Rules/Ethernet Bandwidth Management tab you should Enable EBM and then set your Guaranteed (Min) % and Max % of your WAN's available bandwidth that can be used by that Address Object.

0
 

Author Comment

by:idealaccount
ID: 24784699
I don't want to limit sessions, though, just total, bandwidth on the interface (per-vlan basically).  I have people paying for specific amounts of bandwidth (we do hosting) so I need to limit it by amount, not session count.
0
 
LVL 13

Expert Comment

by:Ugo Mena
ID: 24836743
you dont have to enable connection limiting to use the EBM max and min bandwidth mgmt. leave it unchecked and blank and it will be limiting by bandwidth only.
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question