• Downloads
• Configuring Advanced Settings for the Application Policy Enforcement Rulebase    

• Related Topics
• Configuring the APE Rulebase (NSM Procedure)
• Verifying the APE Rulebase

Configuring Advanced Settings for the Application Policy Enforcement Rulebase

By default, the IDP engine does not apply a rate limit to sessions that do not match APE rules. You can optionally set a default rate limit for such sessions.

To assign a default rate limit for sessions that do not match APE rules:

1. Log into the CLI as admin and enter su - to switch to root.
2. Use the following command to show the current value:
   
   

   [root@defaulthost admin]# scio const get sc_ape_default_rate_limit

   scio: sc_ape_default_rate_limit = 0xffffffff

   The default is 4,294,967,295 bps (0xffffffff in hexadecimal; 4,096 Mbps or .5 Gbps), which effectively turns off rate limiting for sessions that do not match APE rules.

3. If you want to set a rate limit for sessions that do not match APE rules, use the corresponding set command. The following example sets a limit of .25 Gbps:
   
   

   [root@defaulthost admin]# scio const set sc_ape_default_rate_limit 2147483648

   scio: setting sc_ape_default_rate_limit to 0x80000000