
Traffic Management filters react to traffic based on a limited set of parameters, including the source IP address, destination IP address, port, protocol, or other defined values. For example, for web servers in a lab that denies access to external users, you might define the following Traffic Management filters:

  • Block traffic that arrives through port 80 if the source is on an external subnet and the destination is the IP address of your web server.
  • Block traffic if the source is your web server, the source port is 80, and the destination is any external subnet.

These filters detect issues in bandwidth usage. Because the SMS does not include these filters, you must create them.
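
The two example filters above, modeled as match predicates over constructed packets. This is an added illustration, not SMS configuration syntax or product code. The addresses, the filter names, and the reading of "port 80" in the first filter as the destination port are assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed lab addressing (assumption, not from the SMS documentation).
INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")
WEB_SERVER = "10.1.2.10"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def is_external(addr: str) -> bool:
    return ipaddress.ip_address(addr) not in INTERNAL_NET

def external_to_web(p: Packet) -> bool:
    # First filter: source on an external subnet, port 80 (read here as
    # the destination port), destination is the web server.
    return is_external(p.src) and p.dport == 80 and p.dst == WEB_SERVER

def web_to_external(p: Packet) -> bool:
    # Second filter: source is the web server, source port 80,
    # destination on any external subnet.
    return p.src == WEB_SERVER and p.sport == 80 and is_external(p.dst)

FILTERS = [("block-external-to-web", external_to_web),
           ("block-web-to-external", web_to_external)]

def matching_filter(p: Packet):
    """Return the name of the first Block filter that matches, or None."""
    for name, predicate in FILTERS:
        if predicate(p):
            return name
    return None

# Constructed sample traffic.
SAMPLES = {
    "external client request": Packet("203.0.113.7", 51000, "10.1.2.10", 80),
    "server reply to external": Packet("10.1.2.10", 80, "203.0.113.7", 51000),
    "internal lab user request": Packet("10.1.5.20", 40000, "10.1.2.10", 80),
    "server outbound fetch": Packet("10.1.2.10", 45000, "198.51.100.9", 443),
}

if __name__ == "__main__":
    for label, pkt in SAMPLES.items():
        print(f"{label:28} -> {matching_filter(pkt) or 'no filter matched'}")
```

The last sample shows the scope of the second filter: it matches only traffic the web server sends from source port 80, so a connection the server opens from another port to an external host matches neither filter.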

 
NOTE: Traffic Management filters differ from other traffic-shaping filters, such as Traffic Normalization, which are Infrastructure Protection filters that enforce valid packet processing within the Threat Suppression Engine. They protect the engine by detecting invalid or abnormal packets. By protecting the engine, the filters scrub the network of possible issues.

Maximum Filter Limits

The SMS enforces the maximum number of Traffic Management filters that can be distributed to a device based on device capacity. The SMS groups devices into three categories (low-end, medium-end, and high-end) with an assigned maximum to each category for enforcement purposes. The SMS takes into consideration the expanded Traffic Management filters as well as what the device has. If a device's number of Traffic Management filters exceeds the limit, the SMS displays a message. 

Traffic Management filter limits include:

  • Medium-end device limit: 8,000 filters (Medium-end devices include 440T and vTPS devices).
  • High-end device limit: 12,000 filters (High-end devices include 2200T, TX, and TXE devices).
