Configure a site with the appropriate bandwidth settings in <loginname> > Settings > Sites
Configure the bandwidth usage using the Calendar to set the throttle limit.
Assign the site to the sensor group by selecting the site in the Sensor Group General Options > Site Assignment
Additional Information
Modifying bandwidth settings for sites requires Global Administrator status for on-premise installations and Administrator status for the cloud.
Throttling can be configured per site via sensor groups, per hour, per day.
Throttling will limit bandwidth from a group of endpoint sensors. Often used on low-bandwidth sites or sites that are bandwidth constrained at certain times of the day.
The trade-off when throttling is invoked is a delay in data sent back to the central server for analysis against watchlists and the availability of the data in the console.
Nginx access.log may see an increase in HTTP 503 responses once site throttling enabled. This is normal
Console users can override the network throttle by enabling “sync” to any individual host to instruct the host to ignore any configured throttles and send all data immediately.
Throttles shape the volume of traffic to the server from sensors at particular times. They do not reduce overall traffic. To reduce traffic, reduce data collected on the sensor group’s configuration.
Maximum sensor Checkin rate can be configured through SensorCheckinDelayRate in cb.conf.
Default value is 100 and it corresponds to max 100 checkins/second/server node
Reducing this value, reduces network traffic due to checkins, but also reduces how often sensors send statistics and retrieve any configuration changes.
Due to the number of processes generated on those endpoints, Mac and Linux sensors may drive higher bandwidth utilization.
If needed, create a new site to adjust further throttling for sensor groups outside of the default site.
Settings are applied per site, not per sensor group.