How to traffic-shape traffic over public wireless to app-stores like (app-id) apple-appstore?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

How to traffic-shape traffic over public wireless to app-stores like (app-id) apple-appstore?

L1 Bithead

Hi,

I'd like to implement qos traffic-shaping from our public wireless network to sites like apple's appstore or google's appstore.

When i look at the monitor screen of our palo, i only see ssl traffic. Do i need to decrypt the ssl traffic first so i can determine if it's app-id is android-market / apple-store ??

Our goal is to limit the amount of mobile / wireless traffic from automatic app-updates in order to give priority to other traffic like http or twitter etc..

How do i accomplish this ?

kind regards,

Patrick.

2 REPLIES 2

L2 Linker

In QoS Policy rule ( Polices -> QoS ) we have an Application tab which you can use. If you not are aware of QoS implementation in PA, then first you have to read QoS document QoS in PAN-OS 4.1

Patrick the guide that was posted was helpful for us when we did exactly as you hope to do on our Public WiFi.  We chose various BW intensive applications and put them in a specific class and then applied a download QoS profile policy to that traffic to help reduce the load it was putting on that link.  Worked great.  One issue that you might have is that policies can only be applied in one direction on the port, so if the outbound (upload) port is shared with other services you might want to separate that so you can have a more granular control over uploads from public vs. other segments/users.

  • 1908 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!