Throttle Bandwidth Hogs Using QoS (Episode 3) Learning Happy Hour

Printer Friendly Page

Nobody appreciates a data glutton! In this episode of Learning Happy Hour, Jason and Mitch show you how to spot bandwidth hogs and how to throttle them using a Palo Alto Networks next-generation firewall.

 

If QoS is new to you, there is a background segment called the QoS High Jump that is a deep dive into what QoS is, how it works, and why it's needed. Make it your New Year's resolution to learn about QoS by watching this episode of the Learning Happy Hour!

Click the arrow icon [ ↗ ] in the lower, right-hand corner of the video to watch the Learning Happy Hour episode in a new window and search the video in the full video player. 

 

Previous Episode: See the previous episode of Learning Happy Hour (9 reasons to use URL filtering)

Next Episode: Put your Best Firewall forward with the BPA

Episode Timeline: Want to skip to a specific part of this Learning Happy Hour episode

Episode Quiz: Test your memory by answering 5 questions related to this episode

Episode Feedback:

Episode List: See a full list of Learning Happy Hour episodes (note: they are listed as articles)

Episode Resources: Acknowledgements, References, Links, Labs, etc.

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

 

Episode Timeline:

00:00 – Episode introduction

02:02 – Opening discussion and banter

04:44 – QoS topic opener

07:29 - QoS deep dive (high jump)

15:47 - Bandwidth hog scenario / problem explanation

17:28 - QoS solution to stop bandwidth hogs

19:48 - Steps to implement solution

22:42 – Step 1: Create a log filter string to identify user sessions over #gb

23:33 – Step 2: Create a Log Forwarding Profile to auto-tag source IP matching log filter string

24:32 – Step 3: Match auto-tag IPs in a Dynamic Address Group (DAG)

25:09 – Step 4: Match DAG + Application Filter in QoS Policy to assign traffic to a QoS class

27:27 – Step 5: Setup QoS Profile to define throttle limits

28:20 – Step 6: Assign QoS Profile to an upload/download ethernet interface

29:19 – Step 7: Create a scheduled custom report based on log filter string

32:22 – Step 8: Create script to run daily to remove auto-tag IPs from DAG

36:54 – QoS Demonstration

42:44 – QoS Testimonials

43:41 - Things We Learned

50:36 – Post Episode Quiz

 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

 

Palo Alto Networks Episode Resources:

Auto-Tagging & DNS Sinkhole Video

PAN-Python

Palo Alto Networks - API Lab

Clearing Registered IPs

Enforce QoS Based on DSCP Classification

 

Other Episode Resources:

How does QoS work

Differentiated services

DSCP configuration guidance (RFC 4594)

Science of Successful Learning

History of Ransomware

Post-Episode Quiz

 

Episode Resources:

Optional QoS Practice Lab

 

Episode Acknowledgements:

Elf Gif

AF Traffic Flagger

Baseband vs. Broadband

Music: www.bensound.com

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Quiz:

 

 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 

Episode Feedback: