Skip to main content
Traffic Policy Profiles define what network traffic your SIMs are allowed (or denied). Assign a profile to filter traffic at the network level before it reaches your devices.

Profile Types

TypeBehavior
whitelistOnly listed traffic is allowed. Everything else is blocked.
blacklistListed traffic is blocked. Everything else is allowed.
throttlingTraffic is allowed but bandwidth-limited to limit_bw_kbps.

Filter Criteria

Each profile can include one or more of:
  • services — PCEF service IDs (predefined traffic categories). Use GET /traffic/policy/profiles/services to list available services.
  • ip_ranges — CIDR notation (10.0.0.0/8, 203.0.113.0/24). Block or allow specific IP ranges.
  • domains — Domain names (example.com, *.internal.corp). DNS-level filtering.
At least one of services, ip_ranges, or domains is required when creating a profile.

Example: IoT Device Lockdown

Whitelist-only profile that restricts a fleet of sensors to your backend servers: 
{
  "type": "whitelist",
  "ip_ranges": ["10.100.0.0/16"],
  "domains": ["api.yourcompany.com", "telemetry.yourcompany.com"]
}
Devices can only reach your internal network and two API endpoints. All other traffic is dropped.

Example: Bandwidth Throttling

Limit data-hungry devices to prevent runaway costs: 
{
  "type": "throttling",
  "limit_bw_kbps": 256
}

Assigning Profiles

Profiles are assigned at the SIM Card Group level. Create the profile via POST /traffic/policy/profiles, then reference its ID when configuring the group.