QOS to limit download and upload if my network infected by viruus

Unanswered Question
Jul 6th, 2012
User Badges:

Hi Experts


1)some times i saw my users performs heavy download on the Internet link , how to configure QOS for that matter on the SVIs interfaces belongs to each subnet's





2when i see heavy upload caused by virus , how to police traffic accordinly

thanks


jamil

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Alessio Andreoli Fri, 07/06/2012 - 02:14
User Badges:
  • Silver, 250 points or more

Hi there,

i am not an expert but i definitely would suggest to run NBAR on your routers for a couple of days.


It is very easy and you can realise also which kind of traffic you should limit or block from your customers. Before writing QoS policies is a good idea to know which is the traffic to slow prioritise or to drop.


If you have not all this time,

read some of this papers and use their examples:


http://www.cisco.com/en/US/tech/tk543/tk759/tsd_technology_support_protocol_home.html


HTH


Alessio

      


PS: to deploy AutoQoS on your access layer switches could be a first temporary step to start to control the traffic.

Alessio Andreoli Fri, 07/06/2012 - 03:47
User Badges:
  • Silver, 250 points or more

http://www.cisco.com/en/US/technologies/tk543/tk759/technologies_white_paper0900aecd8031b712_ps6616_Products_White_Paper.html


Here what you need to know before running NBAR



http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/nbar_protocl_discvry.pdf


and here is a simple guide for the discovery and the configuration of what you need.


Be careful, you need to read when you ca configure NBAR  and where in the network to avoid performaces impact. However it will be simpler than you think!!! Even running only nbar discovery protocol will give you a godd idea of the traffic generated from your users.


After this, you will decide if to implement the policies that NBAR will suggest to you or to create your own policy-map


HTH


Alessio

Actions

This Discussion