cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

How to monitor bandwidth limit for application control

Hi

Anyone can advice. How to monitor bandwidth limit for application control ?

MGMT R80.10

GW R77.30

Bandwidth limit

9 Replies
Danny
Pearl

Re: How to monitor bandwidth limit for application control

SmartEvent Views is what you are looking for.

0 Kudos

Re: How to monitor bandwidth limit for application control

Hi Danny

Thank you for your advice but I would like to see real time utilize or exceed drop for limit policy  when user complain about slow access.

0 Kudos

Re: How to monitor bandwidth limit for application control

Note - The Security Gateway implements the Limit action by dropping successive packets which exceed the allowed bandwidth.

How to monitor exceed drop ? I have no see this log from SmartConsole.

0 Kudos
Danny
Pearl

Re: How to monitor bandwidth limit for application control

Then you want to use SmartLog like this:

Ed_Eades
Nickel

Re: How to monitor bandwidth limit for application control

I do not get any results when using the filter, "bandwidth AND appi_name:YouTube".  However I do get results if use the filter, "bandwidth" by itself or "appi_name:YouTube" by itself.

I am very interested in getting the results like the screen shot from Kosin.

Re: How to monitor bandwidth limit for application control

Bandwidth management by dropping packets is a bad strategy. You can get much better results by changing (reducing) window sizes in responses and holding back acknowledgement packets.

Nothing gets dropped but you let the TCP protocol do the bandwidth limiting.

Not somethink I invented. Companies like PacketShaper (bought by Blue Coat, bought in turn by Symantec) did create great appliances with features like this.

0 Kudos

Re: How to monitor bandwidth limit for application control

Thank you Danny. Now I can see drop log from smartview for bandwidth limit policy.

0 Kudos

Re: How to monitor bandwidth limit for application control

hi

i have the same question as you.

Could you please guide me on how to get those statistics as you did?

thanks

0 Kudos

Re: How to monitor bandwidth limit for application control

When researching my book I dug into the APCL Limit feature, trying to find a way to disable APCL limits "on the fly" for testing purposes or to monitor real-time statistics for packets dropped due to a Limit.  The goal was to ensure an enforced Limit was not the cause of poor performance.  Other than the statistics that are included in the traffic logs as demonstrated by Danny Jung‌ above, there isn't a direct way to do that.  I also discovered that APCL/URLF cannot be disabled "on the fly" like Threat Prevention can with fw amw unload.

However fw ctl zdebug drop will show real-time packet drops due to an APCL limit with the message: PSL Drop: APPI_LIMIT

Also watch out for this issue when limits are applied to traffic subject to HTTPS Inspection:

sk70600: Connectivity issues when configuring Application Control limit and enabling HTTPS Inspectio...

--
Second Edition of my "Max Power" Firewall Book
Now Available at http://www.maxpowerfirewalls.com

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos