- Products
- Learn
- Local User Groups
- Partners
- More
Firewall Uptime, Reimagined
How AIOps Simplifies Operations and Prevents Outages
Introduction to Lakera:
Securing the AI Frontier!
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
SharePoint CVEs and More!
hello
i have a cluster of 2 firewalls, they have enabled only the application blade, without the URL blade.
i want to limit the bandwidth for the category media streams and media sharing in the following way.
the thing is that is applied and installed but I have no idea on how to check if this is actually working.
i tried to look at the applications and sites but i dont see anything related to traffic being rate limited.
on the logs i do see that the traffic matches the rule created on the application layer but as i said, i have no idea on how to check if the limit is applied or not.
can someone guide me ?
Regards
That is a nice question
One way can be , if you have monitor blade enable from top source view compare the bandwith in use by single host
But someone can be more helpful than me on this
i am looking more to an answer similar to this
Please see my recent post in this thread, your monitoring options are somewhat "limited":
How to monitor bandwidth limit for application control
--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com
you ask for monitoring bandwith and not for dropped packet ofc Tim reply was more in deep no doubt about that
Hello can you edit the profile in the smartlog to check for further information about traffic.
thanks for the feedback all, unfortunately this is not working for me.
i am not able to see any discarded packet on the smartview or smartlog.
also monitoring this through CLI as Tim Hall fw ctl zdebug +drop | grep APPI_LIMIT i am not able to find a thing either.
so here it goes my question, is this really working? can media stream traffic be throttled ?
Regards
This is more of a General Product Topics question.
You won't necessarily see drops in SmartLog when traffic is limited.
From the notes I've seen internally, this is what you should be looking at to validate that limiting is happening (granted, this is from R75.40:
fw ctl zdebug -m APPI all > dbg.txt
In dbg.txt, look for: fw_appi_limit_set_matched_data: Set new rule_id: (rule_num)
This will tell you that traffic is being matched to a rule with limit.
Note this debug can be overwhelming on gateways with a lot of traffic, so I would only run it fairly briefly.
just a follow up, i managed to get logs on the zdebug.
now my question is , is there a way to to have this in a nice report in the smartevent with the views/reports?
Regards
What are you trying to get into the reports, exactly, that bandwidth was actually limited?
Since this isn't logged in the logs (to the best of my knowledge), I assume you can't run a report on it.
i was hope to get something like this :img
As I said, it's not something we currently log, therefore not something we can report on.
It's something we can look at adding in a later release.
thanks!
To the best of my knowledge the fact that you use Accounting on the rule means you will have log entries that also contain information about the amount of triffic.
However this may no tell you anything about the bandwidth usage.
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
User | Count |
---|---|
14 | |
12 | |
11 | |
9 | |
8 | |
7 | |
5 | |
5 | |
5 | |
5 |
Tue 07 Oct 2025 @ 10:00 AM (CEST)
Cloud Architect Series: AI-Powered API Security with CloudGuard WAFThu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Thu 09 Oct 2025 @ 10:00 AM (CEST)
CheckMates Live BeLux: Discover How to Stop Data Leaks in GenAI Tools: Live Demo You Can’t Miss!Wed 22 Oct 2025 @ 11:00 AM (EDT)
Firewall Uptime, Reimagined: How AIOps Simplifies Operations and Prevents OutagesAbout CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY