Reference: Default Policy Settings
  
Reference: Default Policy Settings
In most cases, the default policy does not need to be modified. However, if a controller is on the public internet, an unlicensed user can add the IP address of the controller to his or her client controller list. The user will then receive the default acceleration policy associated with the controller, and will consume a license when a connection is accelerated.
Using a nondefault policy requires the user to know the policy name to specify in his or her endpoint policy—information that requires admin/monitor access. Therefore, if you have a controller on the public internet, we recommend that the default policy disable acceleration.
The easiest way to disable acceleration is to add an in-path rule that passes through all traffic. Although users can still connect to the controller with a default policy that disables acceleration, the user will not consume a license.
The Initial policy contains these pass-through rules to automatically pass through traffic that can’t be accelerated. The three rules are:
Secure—For traffic on secure ports (for example, SSH, HTTPS, and SMTPS).
Interactive—For traffic on interactive ports (for example, Telnet, TCP ECHO, remote logging, and shell).
RBT-Proto—Specifies well-known ports used by the system: 7744 (data store synchronization), 7800-7801 (in-path), 7810 (out-of-path), 7820 (failover), 7850 (connection forwarding), 7860 (SteelHead Interceptor), 7870 (Client Accelerator Controller), 7881 (server-side Client Accelerator Controller), and 7882 (client-side Client Accelerator Controller).
Parameter
Field or option
Default value
General Settings:
Policy Name
Initial
Description
None
Optimization Rules: In‑Path Rule
Type
Auto Discover
Position
Start
Source Subnet
All-IP (IPv4 + IPv6)
Destination Subnet
All-IP (IPv4 + IPv6)
Port or Port Label
All
Preoptimization Policy
None
Optimization Policy
Normal
Latency Optimization Policy
Normal
Neural Framing Mode
Always
WAN Visibility Mode
Correct Addressing
Description
None
Enable Rule
Enabled
Protocol Settings: CIFS
Enable Latency Optimization
Enabled
Optimize Connections with Security Signatures (that don’t require signing)
Enabled
Disable Write Optimization
Disabled
Enable Server Side Dynamic Write Throttling
Enabled
Buffer Size
2048 KB
Enable Overlapping Open Optimization
Disabled
Optimize Only the Following Extensions: sldasm, slddrw, slddwg, sldprt
Disabled
Optimize All Except the Following Extensions: ldb, mdb
Disabled
Protocol Settings: SMB2
Enable SMB2 Latency Optimization
Enabled
Do Not Optimize Connections that can’t be Down-Negotiated
Enabled
Enable SMB2 Latency Optimization on Connections that can’t be Down-Negotiated
Disabled
Protocol Settings: MAPI
Enable MAPI Optimization - Exchange Port
Enabled
Port 7830
Enable MAPI NSPI - NSPI Port
Disabled
Port 7840
Enable Encrypted Optimization
Disabled
Enable Outlook Anywhere Optimization
Disabled
Auto-Detect Outlook Anywhere Connections
Disabled
Protocol Settings: HTTP— Settings
Enable HTTP Optimization
Enabled
Object Prefetch Table Settings
Store All Allowable Objects
Store Objects With The Following Extensions
Disable The Object Prefetch Table
Minimum Object Prefetch Table Time: The default value is 60 seconds.
Maximum Object Prefetch Table Time: The default value is 86400 seconds.
Extensions to Prefetch
Extensions list for the URL Learning and the Parse and Prefetch Optimizations configurable for specific subnets or hosts in the Server Subnet and Host Settings section.
Protocol Settings: HTTP— HTML Tags to Prefetch
Add a Prefetch Tag— Create your own tag to prefetch.
Tag Name— Enter the name of the tag you want to create.
Attribute— Enter the attribute for the tag you want to create.
Remove Selected
Select the box next to the tag and click to remove.
The Initial policy comes with HTML tags ready to prefetch with the following names and attributes: base/href, body/background, img/src, link/href, script/src.
Protocol Settings: HTTP— Server Subnet and Host Settings
Add a Subnet or Host
Select the server subnet or host name and the desired optimizations and prefetch schemes.
Remove Selected
Select the box next to the Subnet or Host and click to remove.
Protocol Settings: NFS (Mac clients only)
Enable NFS Optimization
Disabled
Protocol Settings: Connection Settings
Maximum Connection Pooling Size
5
SSL: General TLS Settings
Enable TLSTLS Optimization
Disabled
SSL: General SSL Settings
Enable SSLTLS Optimization— Only available for clients running versions lower than 6.4.0.
Disabled
SSL: Client Authentication
Enable Client Certificate Support
Disabled
SSL: Proxies
Enable SSL Proxy Support
Disabled
SSL: SSL Secure Peering Settings
Traffic Type— SSL Only, SSL and Secured Protocols, or All
TLS Only
Fallback to No Encryption
Disabled
SSL: SSL Peering
Trust All Pre-Configured Peering Certificates
Enabled
Trust Selected Peering Certificates
Disabled
SaaS Acceleration
Configure SaaS Acceleration— Enable SaaS Acceleration
Disabled
Location Awareness
Enable Latency-based location awareness
Disabled
Latency Awareness
Enable Branch warming
Disabled
Adapters to Optimize: Add New Rule
Position
Start
Adapter
All Adapters
Optimize
Yes
Endpoint Settings: General Settings
Show Client in the System Tray
Enabled
Endpoint Settings: Data Store Settings
Data Store Size
10 GB
Endpoint Settings: Log Settings
Maximum Log Size
5000 KB
Maximum Number of Log Files
2
Endpoint Settings: Add a new Controller
Insert At
End
Hostname
Name of the current controller.
Port
7870
Endpoint Settings: Controller Options
Add a New Controller
Insert At—Select start, end, or a controller number from the drop-down list. The default value is end.
Specify the order in which endpoints connect to the controllers.
Client Accelerator endpoints connect according to the number you specify, starting with 1. If the system is unable to connect to 1 in the list, the system moves on to the next controller in the list. For example, if the system is unable to connect to Client Accelerator 1, then Client Accelerator 2 is attempted. If Client Accelerator 2 is successful, no further controllers in the list are attempted.
Hostname
Name of the current controller.
Port
7870
Use Random Ordering of Controllers when Connecting
Disabled
Endpoint Settings: Windows-only Settings
Reorder Intermediate Drivers (Required for Check Point and Nortel VPN compatibility)
Disabled
Disable TCP/IP Checksum Offloading (Requires client reboot)
Disabled