Chapter 4 Firewall

To control the rate of traffic flow between zones, configure bandwidth management as follows:

STEP A In the Type field, choose the type of bandwidth management to be applied, either:

Select Per Rule to indicate that the total bandwidth will be shared by all sessions that match the rule.

Select Per Session to indicate that the specified amount of bandwidth will be available to every session that matches the rule.

STEP B Enter the Guaranteed Bandwidth (between 1 and 1000000 Kbps).

This value mainly provides pre-allocated bandwidth for particular traffic. The X family device ensures that a session that matches this firewall rule is provided with this bandwidth. (In effect, the device throttles other non-prioritized traffic to ensure this.)

STEP C Enter the Maximum Bandwidth (between 1 and 1000000 Kbps).

If a session attempts to use more than its maximum bandwidth, the excess packets are dropped.

STEP D Select the Bandwidth priority you want to apply to the session from the drop-down list, where 0 is the highest priority and 3 is the lowest priority.

The X family device transmits higher priority session packets before lower priority session packets. Use priority 0 for applications that require low latency, such as Voice over IP.

Note Generally, bandwidth management works best if a small amount of traffic is prioritized as priority 0 over all other traffic via a single bandwidth management rule. A good example is prioritizing voice traffic over everything else. It is not recommended to use priorities 1-3 to form complex bandwidth management policies. Such configurations are hard to define and harder to verify working.

STEP 7 If required, check Only apply firewall to authenticated users in the Firewall Rule Setup (Advanced) table to turn on authentication for this firewall rule.

To enable all users that have firewall rule authentication enabled to be authenticated, select Any privilege group with policy authentication.

To limit authentication to members of a particular privilege group, select that privilege group from the drop-down list.

STEP 8 Click Create to save the firewall rule.

Click Cancel to return to the Firewall Rules Summary without saving the changes.

Enable or Disable a Firewall Rule

STEP 1

STEP 2

From the LSM menu, select Firewall > Firewall Rules.

On the Firewall Rules page in the Firewall Rules List table, click the Edit icon for the firewall rule you want to edit.

74 X Family LSM User’s Guide V 2.5.1