Network
Configure bandwidth limits
Set bi-directional bandwidth caps for users and workloads
Configure bandwidth limits
Threatmatic lets you manage bandwidth at a granular level — per user, group, device, or workload — in both directions independently. This prevents any single endpoint or application from saturating shared network resources.
Prerequisites
- An active network circuit
- Admin access to the Console
Steps
Open Bandwidth Management
- Go to Network → Bandwidth
- Click New Rule
Set the scope
Choose what the rule applies to:
| Scope | Example |
|---|---|
| User | A specific user account |
| Group | All members of an AD/IdP group |
| Device Tag | All devices tagged iot or contractor |
| Workload | A specific application or service |
Configure limits
Set independent limits for inbound and outbound traffic:
| Field | Description |
|---|---|
| Inbound limit | Maximum download throughput (e.g. 50 Mbps) |
| Outbound limit | Maximum upload throughput (e.g. 10 Mbps) |
| Priority | High, Normal, or Low — used during congestion |
| Schedule | Optional time window (e.g. business hours only) |
Apply the rule
Click Save. Rules take effect immediately — no circuit restart required.
Use Priority rather than hard limits where possible. It allows headroom during low-traffic periods while protecting bandwidth during peak times.
Monitor usage
Go to Network → Bandwidth → Usage to view real-time and historical throughput per scope.
Next steps
How is this guide?
Last updated on