Set a Discard Policy

Use a discard policy to toss all packets for a traffic class. You may want to block a service or application because it is:

• Consuming too much of your network bandwidth
• Considered nonessential to your business
• Prohibited on your network

A discard policy is recommended for blocking UDP traffic classes because UDP traffic is not session oriented. For TCP or web traffic, you would typically use a never-admit policy to block traffic and inform the user that the session was disallowed. If you use a discard policy for TCP traffic, the discarded packets will cause TCP time-outs resulting in a long wait period before the user gets any feedback. In some cases this may be desirable. For example, you may want to "time out" someone attempting to crack your web server.

Note: To perform this task from PolicyCenter, you must first select a configuration from the Editing Configuration drop-down list at the top of the page.

To apply a discard policy to a traffic class:

1. Click the manage tab.

2. In the left window pane, select the class to which you want to apply a discard policy.

3. Click policy and select add.

4. Click discard in the New Policy window.  show screen

5. Click add policy.

Note: In order for policies to take effect, traffic shaping must be enabled. See Enable/Disable Traffic Shaping.

Caution: Be careful when applying a discard policy, because it may have unexpected results. For example, if you configure the /Inbound/Default class to discard packets, PacketWise will discard packets for all classes in the Inbound tree that do not have their own policies.

See also:

Block Unwanted Traffic

Policy Overview