-
Products
-
SonicPlatform
SonicPlatform is the cybersecurity platform purpose-built for MSPs, making managing complex security environments among multiple tenants easy and streamlined.
Discover More
-
-
Solutions
-
Federal
Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn MoreFederalProtect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
Learn More - Industries
- Use Cases
-
-
Partners
-
Partner Portal
Access to deal registration, MDF, sales and marketing tools, training and more
Learn MorePartner PortalAccess to deal registration, MDF, sales and marketing tools, training and more
Learn More - SonicWall Partners
- Partner Resources
-
-
Support
-
Support Portal
Find answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn MoreSupport PortalFind answers to your questions by searching across our knowledge base, community, technical documentation and video tutorials
Learn More - Support
- Resources
- Capture Labs
-
- Company
- Contact Us
How to use application firewall to bandwidth limit Bittorrent (firmware 5.9 & above)
03/26/2020 
4 People found this article helpful
485,601 Views
Description
It is possible to specifically limit or manage the bandwidth or BWM (Bandwidth Management) used by certain types of traffic, such as Bittorrent, using the Application Firewall feature of SonicOS Enhanced. These instructions represent an example implementation of an Application Firewall action, object and policy for the purpose of limiting the bandwidth of Bittorrent traffic to a maximum of 50 Kbps.
Resolution
Step 1: Enabling BWM on WAN interface.
Step 2: Creating Match Object.
Step 3: Creating Bandwidth Object.
Step 4: Creating Action Object.
Step 5: Creating App Rule policy to enforce the match and action objects to it.
Step 6: Enabling App Control Service on the respective zone.
- Login to the SonicWall management GUI.
Step 1: Enabling BWM on WAN interface
1. Navigate to Firewall Settings | BWM.
2. Set Bandwidth Management Type as "Advanced" & click on "accept" on top.
3. Navigate to the Network | Interfaces page.
4. Click on the Configure button of WAN interface. In this example the X1 interface.
5. Click on the Advanced tab and do one or both of the following:
- Under Bandwidth Management, to manage outbound bandwidth, select the Enable Egress Bandwidth Management checkbox, and optionally set the Available Interface Egress Bandwidth (Kbps) field to the maximum for the interface.
- Under Bandwidth Management, to manage inbound bandwidth, select the Enable Ingress Bandwidth Management checkbox and optionally set the Available Interface Ingress Bandwidth (Kbps) field to the maximum for the interface.
6. Click on OK to save.
Step 2: Creating Match Object
1. Navigate to Firewall | Match Objects.
2. Click on Add New Match Object button and enter the following:
- Name: Object Bittorrent
- Application Object Type: Custom Object
- Match Type: Exact Match
- Content: 13426974546f7272656e742050726f746f636f6c
3. Click OK to create the match object.
Step 3: Creating Bandwidth Object
1. Navigate to Firewall | Bandwidth Objects.
2. Click on Add button and enter the following:
- Name: Bittorrent Bandwidth
- Guaranteed Bandwidth: 25Kbps
- Maximum Bandwidth: 50Kbps
- Traffic Priority: 7 Lowest
- Violation Action: Delay
3. Click OK to save the bandwidth object.
Step 4: Creating Action Object
1. Navigate to Firewall | Action Objects.
2. Click Add New Action Object button and enter the following:
- Action Name: Action BWM Bittorrent
- Action: Bandwidth Management
- Check "Enable Egress Bandwidth Management" & select the bandwidth object from the drop down list.
- Check "Enable Ingress Bandwidth Management" & select the bandwidth object from the drop down list.
3. Click OK to save the new action.
Note:
- Per Policy When an Action Object configured with this method is used in multiple App Rules, the bandwidth set here will be calculated separately for each App Rule.
- Per Action When an Action Object configured with this method is used in multiple App Rules, the bandwidth set here will be shared by all App Rules with this Action Object.
Step 5: Creating App Rule policy to enforce the match and action objects to it
1. Navigate to Firewall | App Rules.
2. Click Add New Policy and enter the following:
- Policy Name: BWM Bittorrent
- Policy Type: Custom Policy
- Service Destination: Any
- Application Object: Object Bittorrent
- Action: Action BWM Bittorrent
- Connection Side: Client Side
- Direction: Both
3. Click OK to save the newly created policy.
Step 6: Enabling App Control Service on the respective zone
1. Navigate to Network | Zones.
2. Click on the configure button under the zone where you want enable App Control. (In this article, LAN zone is considered, App Control can be enabled on all other zones also)
3. Check the option Enable App Control Service and click on OK to save the change.
After clicking on OK, you can notice that the LAN zone will have a check mark for App Control as shown below.
How to Test:
Users attempting to exceed the bandwidth limits defined in this Application Firewall Action for Bittorrent will be limited and a log message similar to the following will be generated:
- Application Firewall Alert: Policy: BWM Bittorrent, Action Type: Bandwidth Management
Related Articles
- How to Block Google QUIC Protocol on SonicOSX 7.0?
- How to block certain Keywords on SonicOSX 7.0?
- How internal Interfaces can obtain Global IPv6 Addresses using DHCPv6 Prefix Delegation
Categories
- Firewalls > TZ Series
- Firewalls > SonicWall SuperMassive E10000 Series
- Firewalls > SonicWall SuperMassive 9000 Series
- Firewalls > SonicWall NSA Series
YES
NO