QoS policies

An administrator can define application and traffic policies. These policies help to enable traffic steering, Quality of Service (QoS), and filtering capabilities for applications. Specify whether a defined rule can be applied globally across all the sites in the network or on certain specific sites.

Policies are defined in the form of multiple rules which get applied in the user-defined order.

Network config policies

Create new rule

An administrator needs to place the defined rule based on the priority. The priorities such as Top of the List, Bottom of the List, or in between two existing entries.

It is recommended to have more specific rules for applications or sub applications at the top, followed by less specific rules for the ones representing broader traffic.

For example, you can create specific rules for both Facebook Messenger (sub application) and Facebook (application). Put a Facebook Messenger rule on top of the Facebook rule so that the Facebook Messenger rule gets selected. If the order is reversed, Facebook Messenger being a subapplication of the Facebook application, the Facebook Messenger rule would not get select. It is important to get the order right.

Match criteria

Select traffic for a defined rule such as:

  • An application
  • Custom defined application
  • Group of applications or IP protocol based rule

Rule scope

Specify whether a defined rule can be applied globally across all the sites in the network or on certain specific sites.

Application steering

Specify how the traffic needs to be steered.

QoS policies

+ New Custom App: Select a match criteria from the list. The administrator can add new custom application by giving a name to:

  • Custom application
  • protocol (such as TCP, UDP, ICMP)
  • Network IP/Prefix
  • port
  • DSCP tag

You can also create a domain name based custom application.

Custom app domain

Click Verify Config to validate any audit error.

QoS profiles

The Quality of Service (QoS) section helps to create the QoS profile by using the + QoS Profile option. The QoS profile provides improved service to certain traffic. The goal of QoS is to provide priority including traffic type (Real-time, Interactive, and Bulk classes) and dedicated bandwidth. The bandwidth breakups are available in % values. This also improved loss characteristics.

QoS policy profile

Click Verify Config to validate any audit error.

HDX profiles

HDX incorporates advanced optimization and acceleration capabilities to deliver the best performance over any network, including low-bandwidth and high-latency WAN connections.

HDX profile

HDX profiles, along with HDX rules allow to optimize HDX traffic. You can view the following three default profiles:

  1. Global Default: The Global profile is active for all the sites by default.

    • The Global Default profile now enables single stream HDX globally in the initial case. This profile supports Single-stream or Multi-stream QoS for HDX, depends on the QoS profile selection.

      • If the selected QoS profile is Standard (default case), then the global default profile is single stream HDX. In this case, multi-stream QoS for HDX check box is cleared and the profile mode is single-Stream.

      • If the selected QoS profile is HDX, then multi-stream QoS and Deep packet inspection (DPI) are enabled.


    • To view the QoS profile selection, go to Configuration > QoS > QoS profiles.

    QOS profile selection

    You can also view the Global QoS Bandwidth Default Profile under Global Rules in QoS policies and under HDX rules in the global rules section.

    Global QoS Bandwidth Default

    • You can provide up to five HDX IP and port range.
    • No other settings can be modified.

    Only the Global Default is a global profile and other profiles are the site level which can override the global profile. So if you want to enable the single stream HDX mode for all the sites in the network, you must make the changes in the global profile. This ensures that this setting is not only applicable to all the available sites but also to any newly added sites.

    The available site can be attained by adding all sites to the single-stream profile that essentially overrides the global profile at all existing sites.

  2. HDX disabled: Both DPI and multi-stream QoS for HDX are disabled. You can add sites to this profile.

  3. HDX Single Stream: Multi-stream QoS is disabled. You can add sites to this profile.


The default profiles (Global Default, HDX Disabled, and HDX Single Stream) cannot be deleted.

Either value in a Custom HDX IP-Port Pair or Sites, can be empty (but not both) for all the profiles where you can provide an IP-port pair. Independent Computing Architecture (ICA) ports 1494 and 2598 are not allowed (either by themselves or in range: true for all port fields in HDX profiles). This limitation is applicable to all profiles where ports can be added.

A site can only be part of a single profile. The Global Default profile is applicable to all sites which are not part of any other profile.

The Global Default, HDX Disabled, and HDX Single Stream profiles are also known as Profile Modes.

You can only create new profiles of HDX Multi-Stream type. For any other behavior (for example – HDX single-stream), use the default profile.

HDX multi-stream

You can specify the site names and IP and Port pairs for all three profiles. The IP-Port Pair option is available only if the profile mode is HDX Multi-Stream.

While creating site level HDX rules (under QoS Policies), you need to select the Site HDX Profile Mode.

Site HDX profile mode

Based on this selection, all the sites that fall under the Profile Mode are available for selection for the rule.

QoS policies