Use a QoS policy rule to define traffic to receive QoS
treatment (either preferential treatment or bandwidth-limiting)
and assigns such traffic a QoS class of service.
Define a QoS policy rule to match to traffic based on:
Applications and application groups.
Source zones, source addresses, and source users.
Destination zones and destination addresses.
Services and service groups limited to specific TCP and/or
UDP port numbers.
URL categories, including custom URL categories.
Differentiated Services Code Point (DSCP) and Type of Service
(ToS) values, which are used to indicate the level of service requested
for traffic, such as high priority or best effort delivery.
You cannot apply DSCP code points or QoS to SSL Forward
Proxy, SSL Inbound Inspection, and SSH Proxy traffic.
Set up multiple QoS policy rules (
) to associate different
types of traffic with different QoS Classes of service.
Because QoS is enforced on traffic as it egresses the firewall,
your QoS policy rule is applied to traffic after the firewall has
enforced all other security policy rules, including Network Address
Translation (NAT) rules. If you want to apply QoS treatment to traffic
based on source, make sure to specify the post-NAT source address
in a QoS policy rule (do not use the pre-NAT source address).