Skip to main content
Skyhigh Security

Basic Bandwidth Throttling

Basic bandwidth throttling limits the transferring speed when user upload objects to the web or download them.

Events in bandwidth throttling rules

Two events are available for use in rules that control bandwidth throttling:

  • Throttle.Client — Limits the speed of data transfer from a client to the appliance
    This is the case when a client sends a request for uploading an object to a web server and the request is intercepted on the appliance together with the object.
  • Throttle.Server — Limits the speed of data transfer from a web server to the appliance
    In this case, there has been a client request to download an object from a web server, and after this request has been filtered on the appliance and forwarded, the web server sends the object in response.

Bandwidth throttling rule for uploads

The following is an example of a rule that can execute bandwidth throttling rule for uploads.

Limit upload speed for hosts on throttling list

URL.Host is in list Upload Throttling List –> Continue – Throttle.Client (10)

The rule uses the Throttle.Client event to limit the speed with which uploads are performed to 10 Kbps if the web server that the data should be uploaded to is on a particular list.

In the criteria of the rule, the URL.Host property is used to retrieve the host name of the web server that is specified in the uploading request.

If the Upload Throttling List contains this name, the criteria is matched and the rule applies. The throttling event is then executed.

The Continue action lets rule processing continue with the next rule.

Bandwidth throttling rule for downloads

The following is an example of a rule that can execute bandwidth throttling rule for downloads.

Limit download speed for media types on throttling list

MediaType.EnsuredTypes at least one in list MediaType Throttling List –> Continue – Throttle.Server (1000)

The rule uses the Throttle.Server event to limit the speed with which downloads are performed to 1000 Kbps if the web object that should be downloaded belongs to a media type on a particular list.

In the criteria of the rule, the MediaType.EnsuredTypes property is used to detect the media type of the web object that the web server sends. An object can also be found to belong to more than one type.

If any of these types is on the Media Type Throttling List, the criteria is matched and the rule applies. The throttling event is then executed.

The Continue action lets rule processing continue with the next rule.

Bandwidth throttling rules and rule sets

We recommend that you create an overall rule set for bandwidth throttling rules and embed two rule sets in it, one for throttling uploads and another for throttling downloads. You can then let the embedded upload rule set apply for the request cycle and the embedded download rule set for the response cycle.

Within each embedded rule set, you can have multiple throttling rules that apply to different kinds of web objects.

The overall rule set for bandwidth throttling should be placed at the beginning of your rule set system. If this is not done, rules in other rule sets can start unthrottled downloads of web objects before your throttling rules are executed.

For example, a rule for virus and malware filtering could trigger the download of a web object that has been sent by a web server in response to a user request. The web object then needs to be completely downloaded to the appliance to see whether it is infected.

If your bandwidth throttling rule set is placed and processed after the rule set with the virus and malware filtering rule, bandwidth throttling is not applied to that download.

  • Was this article helpful?