Yes we can surely do traffic shaping on all platforms. The QOS rules would decide to which hosts the qos profile should be applied. If we have just one host in the rule then that host gets the configured traffic shaping. On 5k series the shaping is performed on the hardware.
Yes, but iI've got about 4k hosts in my network :smileyhappy:
It will be a little difficult and not scalable to make 4k rules in my PA :/
Is there any other way to do this?
We recently replaced our Fortigate 1000C internet gateway firewall with PA-3050. We didn't have problems in our Fortigate firewall in terms of bandwidth management because it has a Per IP bandwidth limit. Now with Palo Alto, we encounter bandwidth shortage almost everyday and we received many complaints already. Even my higher-ups are calling my attention regarding this issue. I already made QoS for high bandwidth consuming applications and priority applications but it doesn't solve the problem.
It makes me feel bad to find in this page that this Per IP traffic shaping issue has been brought up a long time ago but until now there is no update from palo alto. I still believe that palo alto is the best enterprise firewall and i like its application control but I don't understand why it doesn't have a Per IP bandwidth limit in its features. For me it is a very important feature and even PFsense open source firewall has this feature. If an open source firewall can provide this feature, then why can't the best and expensive firewall?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!