Traffic Shaping
This service is designed to limit the external incoming traffic speed for network users.
Intrusion prevention, Application control rules, and Traffic Shaping do not handle traffic between local networks and branch networks.
Setting up Traffic Shaping
To create the rule, go to Traffic Rules -> Traffic Shaping and click on Add.
Next, fill in the following fields:
- Title – enter the rule name, for example, the Accounting speed limit. Maximum 40 characters.
- Applies to – select an individual user or group from the drop-down list.
- Speed (Mbps) – the speed limit for selected users.
There are two types of speed limits for ease of configuration. They can be applied for users, groups, IP addresses, or a special object Quota Exceeded (users who exceed traffic quota fall in this object).
- Personal – the speed will be limited for each of the selected users.
- General – the speed will be limited and shared among all the selected users.
For example, when selecting a personal speed limit, as in the screenshot below, the speed limit for each manager will be 1 Mbps.
If the general speed limit is selected, as in the following example, the channel width for the entire accounting department will be 10 Mbps.
When adding or editing a rule, in order to save and apply it, click on Apply above the rules list. The settings will be applied.
Also, do not forget to move the slider in the upper part of the screen near Traffic Shaping to Enabled in order for the module to work.
If you don't click on Apply button above the list of rules and leave the section Traffic Shaping, then the created rule will be saved, but will not be applied. To apply the rule, go back to the Traffic Shaping section and click on Apply.
Also, saved but not applied rules will be lost in the following cases:
- When restarting the server.
- In case of switching to another node.
- When the traffic shaping service is restarted or stopped (in cases when the service has failed or when a technical support employee is working with the service).
You can enable and disable the rule, change its priority, and edit or delete it using the buttons in the Operations column.
Order of Rule Application
Rules are applied from top to bottom in their order in the table until the first match. That is, if the user is in several groups simultaneously, the rule that is higher in the rules list applies to them.
Features
When users connect to SafeUTM from the internet via VPN, the traffic speed to the local network behind SafeUTM may be limited for them according to the Traffic Shaping rules for the end device in the local network.
When users log in from the local network via VPN the Traffic Shaping rules will not apply to them.