How to use application firewall to bandwidth limit Bittorrent (firmware 5.9 & above)

Step 1: Enabling BWM on WAN interface.
Step 2: Creating Match Object.
Step 3: Creating Bandwidth Object.
Step 4: Creating Action Object.
Step 5: Creating App Rule policy to enforce the match and action objects to it.
Step 6: Enabling App Control Service on the respective zone.

• Login to the SonicWall management GUI.

Step 1: Enabling BWM on WAN interface

1. Navigate to Firewall Settings | BWM.
2. Set Bandwidth Management Type as "Advanced" & click on "accept" on top.


3. Navigate to the Network | Interfaces page.
4. Click on the Configure button of WAN interface. In this example the X1 interface.


5. Click on the Advanced tab and do one or both of the following:

• Under Bandwidth Management, to manage outbound bandwidth, select the Enable Egress Bandwidth Management checkbox, and optionally set the Available Interface Egress Bandwidth (Kbps) field to the maximum for the interface.
• Under Bandwidth Management, to manage inbound bandwidth, select the Enable Ingress Bandwidth Management checkbox and optionally set the Available Interface Ingress Bandwidth (Kbps) field to the maximum for the interface.

6. Click on OK to save.

Step 2: Creating Match Object

1. Navigate to Firewall | Match Objects.


2. Click on Add New Match Object button and enter the following:

• Name: Object Bittorrent
• Application Object Type: Custom Object
• Match Type: Exact Match
• Content: 13426974546f7272656e742050726f746f636f6c
  

3. Click OK to create the match object.
 

Step 3: Creating Bandwidth Object

1. Navigate to Firewall | Bandwidth Objects.


2. Click on Add button and enter the following:

• Name: Bittorrent Bandwidth
• Guaranteed Bandwidth: 25Kbps
• Maximum Bandwidth: 50Kbps
• Traffic Priority: 7 Lowest
• Violation Action: Delay
  

3. Click OK to save the bandwidth object.
 

Step 4: Creating Action Object

1. Navigate to Firewall | Action Objects.


2. Click Add New Action Object button and enter the following:

• Action Name: Action BWM Bittorrent
• Action: Bandwidth Management
• Check "Enable Egress Bandwidth Management" & select the bandwidth object from the drop down list.
• Check "Enable Ingress Bandwidth Management" & select the bandwidth object from the drop down list.
  

3. Click OK to save the new action.
 

Note:

• Per Policy  When an Action Object configured with this method is used in multiple App Rules, the bandwidth set here will be calculated separately for each App Rule.
• Per Action  When an Action Object configured with this method is used in multiple App Rules, the bandwidth set here will be shared by all App Rules with this Action Object.

Step 5: Creating App Rule policy to enforce the match and action objects to it

1. Navigate to Firewall | App Rules.


2. Click Add New Policy and enter the following:

• Policy Name: BWM Bittorrent
• Policy Type: Custom Policy
• Service Destination: Any
• Application Object: Object Bittorrent
• Action: Action BWM Bittorrent
• Connection Side: Client Side
• Direction: Both
  

3. Click OK to save the newly created policy.
 

Step 6: Enabling App Control Service on the respective zone

1. Navigate to Network | Zones.


2. Click on the configure button under the zone where you want enable App Control. (In this article, LAN zone is considered, App Control can be enabled on all other zones also)
3. Check the option Enable App Control Service and click on OK to save the change.


After clicking on OK, you can notice that the LAN zone will have a check mark for App Control as shown below.
 

How to Test:

Users attempting to exceed the bandwidth limits defined in this Application Firewall Action for Bittorrent will be limited and a log message similar to the following will be generated:

• Application Firewall Alert: Policy: BWM Bittorrent, Action Type: Bandwidth Management