NETGEAR ProSafe SRX5308 Reference Manual page 119

For example, when a new connection is established by a device, the device locates the
firewall rule corresponding to the connection:
• If the rule has a bandwidth profile specification, the device creates a bandwidth class in
the kernel.
• If multiple connections correspond to the same firewall rule, the connections all share the
same bandwidth class.
An exception occurs for an individual bandwidth profile if the classes are per-source IP
address classes. The source IP address is the IP address of the first packet that is
transmitted for the connection. So for outbound firewall rules, the source IP address is the
LAN-side IP address; for inbound firewall rules, the source IP address is the WAN-side IP
address. The class is deleted when all the connections that are using the class expire.
After you have created a bandwidth profile, you can assign the bandwidth profile to firewall
rules on the following screens:
• Add LAN WAN Outbound Services screen (see
• Add LAN WAN Inbound Services screen (see

To add and enable a bandwidth profile:
1. Select Security > Bandwidth Profile. The Bandwidth Profiles screen displays. (See the
following figure, which shows one profile in the List of Bandwidth Profiles table as an
example.)
Figure 65.
The screen displays the List of Bandwidth Profiles table with the user-defined profiles.
2. Under the List of Bandwidth Profiles table, click the Add table button. The Add Bandwidth
Profile screen displays:
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Firewall Protection
Figure 43 on page 93).
Figure 44 on page 94).
119