- Differences Between Acceleration Decisions and Traffic Shaping Policies
- Configuring Service Class Definitions
Because all URL-based rules match the HTTP service class, putting the HTTP service class above them would result in the URL-based rules or published application-based rules never being used.
To create an RPC over HTTP service class and bind the SSL profile to it
1. Navigate to the Configuration > Optimization Rules > Service Classes page.
2. In the Name field, enter a name for the service class.
3. Make sure that the Enabled option is selected.
4. From the Acceleration Policy list, select an acceleration policy. Memory and Disk specify where to store the traffic history used for compression. Disk is usually the best choice, because the appliance automatically selects disk or memory, depending on which is more appropriate for the traffic. Memory specifies memory only. Select Flow Control Only to disable compression but enable flow-control acceleration. Select this for services that are always encrypted, and for the FTP control channel. None is used only for uncompressible encrypted traffic and real-time video.
5. Select Enable AppFlow Reporting to enable AppFlow reporting for this Service Class. Information from this service class is included in any AppFlow reports. AppFlow is an industry standard for unlocking application transactional data processed by the network infrastructure. The WAN Optimization AppFlow interface works with any AppFlow collector to generate reports. The collector receives detailed information from the appliance, using the AppFlow open standard
6. Select Exclude from the SSL Tunnel to exclude traffic associated with the Service Class from SSL Tunneling.
7. In the traffic shaping policy list, make sure that Default Policy option is selected. Traffic shaping policies have a weighted priority and other attributes that determine how matching traffic will be treated, relative to other traffic. Most service classes are set to Default Policy, but higher-priority traffic can be assigned a higher-priority traffic-shaping policy, and lower-priority traffic can be assigned a lower-priority policy.
8. In the Filter Rules section, click Add to create filter rule that has Any as the default value for all parameters. If a rule is evaluated as TRUE for a given connection, the connection is assigned to that service class. Filter rules for most service classes consist solely of a list of applications, but rules can also include IP addresses, VLAN tags, DSCP values, and SSL profile names. All the fields in a rule default to Any (a wildcard). Fields within a rule are ANDed together.
9. From the Application Group list, select Email and Collaboration.
10. Click Add.
11. From the Available list, select the required applications.
12. Move the selected applications to the Configured list.
13. In the Source IP Addresses field, add the client IP addresses.
14. From the Direction list, select the direction of the traffic.
15. In the Destination IP Addresses field, type the IP address of the server.
16. Click Add.
17. From the SSL Profiles list, select the SSL profile you have created
18. Click Create.
You must configure and bind an SSL profile to the service class only on the datacenter-side appliance.