Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 2 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 2152 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Limit by device or user, which is better for performance?

Gary Parr

It seems to me there are two ways to target rules towards specific devices. You can either call those devices out in the "Source Networks and Devices" section of the rule, or you can match clientless users created for those devices. Is there any performance difference between these two approaches?

Thanks,

Gary



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to lferrara

    So the idea is that clientless or host restrictions are just filters on the code that work exactly the same? It's not like the FW rule will hit the device "gate" first and save processing that might happen if the rule has to run until it hits the "users" gate?

Children
No Data