XOS IP flow rules can be crafted to send only monitored ports and protocols to the VAP group, such as http, https, or ftp. This will reduce the amount of excess traffic being analyzed by Network Agent.
For example, to send only TCP port 80 (HTTP) traffic to the VAP group use the following ip-flow-rule:
destination-port 80 80
See the Configuring Flow Provisioning chapter in the XOS Configuration Guide for more details.