Quota Rules

Traffic quota rules ensure restriction of the amount of information that may be transferred by a specific user, a group of users, a host or a group of hosts within a certain period of time. When the set limit is reached, such rules ensure that users and/or hosts that match them are denied Internet access.

Quota Rules (click to enlarge figure)

To create a Quota Rule, in the console tree of ISA Management, right click Quota Rules, point to New, and then click Rule. Proceed with following the instructions of the wizard. Note that the Policy Elements necessary for creation of the rule should be set up before starting the wizard.

The below is a description of the Quota Rules options and their effect.

On the General tab, supply the name for the rule and its description. You can also enable or disable the rule here by selecting or deselecting the Enable option.

General tab of Quota Rule Properties (click to enlarge figure)

You can choose whether to show the quota counters of this rule in web statistics shown to users using option Show quota counters of this rule in users' web stats.

Parameter Quota description shown to users allows you to specify description text, that users will see in their web statistics along with their quota counters. If it is not specified, then quota rule name is used.

Use the Applies To tab to specify objects for the rule to apply to. You can select client address sets, user accounts or groups of users. Exclusions can also be set up here.

The Action tab is used to configure the traffic amount restrictions to be controlled by the rule.

Action tab of Quota Rule Properties (click to enlarge figure)

If the No limits mode is selected, the traffic for clients under this rule will not be restricted.

You can select different traffic quota modes: limit sum of incoming and outgoing traffic, limit separately incoming and outgoing traffic, limit incoming traffic only, limit outgoing traffic only. Set the traffic amount allowed by the rule in megabytes. When the remaining traffic counter reaches zero, all connections of the client are terminated. If any web requests are sent after this moment, the user sees a message that the allowed traffic quota has been exceeded.

Select the checkbox Don't account cached web content to set the mode of counting of the size of the content cached by ISA Server. If this option is active, the data transmitted from the cache is not counted. Otherwise the cached web content is counted like all other traffic.

You can set the quota reset period. On expiry of this period the quota counter is reset to the value specified in the quota value field(s). If the checkbox Transfer remainder to the next period is selected, the unused traffic quota for the expired period will be transferred to the next period. Counters are reset at 0:00. This occurs every day for daily quotas, on the night of Monday - for weekly quotas and on the night of the first day - for monthly quotas.

You can limit the amount of transferrable quota remainder to next period using parameter But no more than X % of the limit. This can be useful in order to prevent continuous quota counters growing. This paramter value is indicated as a percentage of general quota rule limit. It may have values from 1% and higher, including those greater than 100%. For example, on the above figure, the general limit is 500 MB, and not more than 150% of remainder is transferred. This means that if next period comes and remainder is less than 500 * 150% = 750 MB, it will be entirely added to 500 MB provided for new period. If remainder is greater than 750 MB, then only 750 MB will be added. So, the maximum possible value of quota counter in this case is 750 + 500 = 1250 MB.

The Quota Type option defines the way the rule is applied. Depending on the value of this option, the effect of the rule may be very different.

Select Assign quota individually to each applicable user/address to apply the quoting and counting options set by the rule individually to each user or host that matches it, i.e. separately from each other.

Select Share quota between all applicable users/addresses to apply the traffic quota set by the rule to all users or hosts as a whole, i.e. one common quota is assigned to all users.

Note. If Quota Rules have been modified so that a new quota rule has been set for a client limited with another quota rule before, the traffic counter value does not change. However, the counter will be reset if the new rule does not restrict the user by traffic amount.

See also
Shaping Rules
Group Restrictions
Web Statistics

© BNTC Software. All rights reserved.