So the last couple of days I’ve been doing a bit of research on Netscaler and prioritizing traffic based upon where the endpoint is coming from. This is where AppQoE comes in. AppQoE is just a combination of different roles into one role, HTTPDoS, Priority Queuing, and SureConnect.
So what if we have a vServer which is getting pounded by traffic, so how do we prioritize the traffic ? So in AppQoE we have two things. Policies and Actions.
Let’s say that we want to divide traffic into two priority groups. One which are android based devices and another which are windows phone devices. Android based devices are given high priority and Windows phones are given lower priority. There are four priorities we can define in AppQoE. HIGH, NORMAL, LOW and LOWEST. And the Netscaler will process traffic from top to bottom. Meaning that Android traffic is priorited over Windows Phone based traffic.
So I have an example expression here for android devices.
My action looks like this
What is does is basically bind HIGH priority traffic sign to my AppQoE policy, so not much work I have to do here. but next I have to create an AppQoE policy to my Windows Phone users.
My AppQoE action looks like this. Now important to see that the policy queue depth defines how many connenctions needs to be active before it is moved to LOWEST priority. I also have to define max connections, if there are requests over the maximum amount of connenctions I have the Netscaler display a custom wait page ( I choose NS, because then I can use a custom HTML code on the Netscaler, if I choose ACS I can choose another web server for instance.
Now i can attach this policy to a vServer. (NOTE that SureConnect cannot be enabled for a vServer if used with AppQoE)
Now stay tuned for how to setup this with HTTP DOS inorder to protect from HTTP attacks as well with AppQoe.