Problem solve Get help with specific problems with your technologies, process and projects.

How can I limit the number of MBs each user downloads?

Learn about rate limiting from network administration expert Lindi Horton, in this response.


I only have one T1 link, and I would like to utilize it wisely. Many of my users are downloading during peak hours causing the Internet speed to crawl. I would like to set the limit on downloading by limiting the number of MBs each user can download. I would like to know what options are available to me to set this limit. I currently have Fortinet F200 Firewall. Do I need to buy additional hardware or software to achieve this functionality?

Hi! It's great to hear from you.

You are probably going to need to get some additional software and/or hardware to supplement your firewall capabilities. Since you've already got Fortinet, I recommend that you contact them about their rate-limiting capabilities.

Based on Fortinet's Web site there are several capabilities that might help you out. They do not list the capability for limiting total volume for a particular user but they do give you some options about the rate and volume limitations for application usage.

For example, a user may want to use the Internet to access some documents online for research purposes but also want to listen to the Internet radio. Rate limiting by application service offers you the ability to differentiate what services the users get access to and what they don't.

In fact, here's the knowledge base article about rate limiting on their Web site. Check compatibility with your devices and find out if you need anything further from them.

When working at a large university, I was presented with the problem of trying to figure out how to keep the students from downloading a lot of music off of Napster (yes, I know I just dated myself). Since most users did not know how Napster worked, the network team decided the best policy was to rate limit the traffic on the basic peer-to-peer traffic ports. If we closed the port down, the users discovered you could change the service port. But instead, they just thought that Napster was slow. This allowed the university the ability to keep using the high bandwidth circuits for academic pursuits.

This was last published in April 2007

Dig Deeper on Network management software and network analytics