Description
Solution
This article explains how to apply a traffic shaper to an application in an “Application Control” security profile. For example, to shape the traffic for windows updates.
Solution
1. Add the signature as an application override to the profile via GUI or CLI.
GUI
CLI
2. Configure the required traffic shaper for the application (CLI only).
3. Verify shaper(s) being in place.
GUI
CLI
GUI
CLI
(root) # config application list
(list) # edit default
(default) # config entries
(entries) # edit 1
(1) # set application 16009
(1) # set action pass
(1) # set log disable
(1) # next
(entries) # end
(default) # end
(root) #
2. Configure the required traffic shaper for the application (CLI only).
(root) # config application list
(list) # edit default
(default) # config entries
(entries) # edit 1
(1) # set shaper shared-1M-pipe
(1) # set shaper-reverse shared-1M-pipe
(1) # next
(entries) # end
(default) # end
(root) #
3. Verify shaper(s) being in place.
GUI
CLI
(root) # show application list default
config application list
edit "default"
set comment "Monitor all applications."
set app-replacemsg disable
set unknown-application-action block
set unknown-application-log enable
config entries
edit 1
set application 16009
set action pass
set log disable
set shaper "shared-1M-pipe"
set shaper-reverse "shared-1M-pipe"
next
edit 2
set category 2 6 19 28
next
edit 3
set category 8 12
set action pass
set log disable
next
edit 4
set action pass
next
end
next
end
