Don't quote me, but I thought typically it's the equivalent aggregate packet processing on the device.
So for example it you had 100 Mbps aggregate ingressing and that 100 Mbps then egressing, it's just 100 Mbps that's counted, number of interfaces being used for ingress/egress doesn't matter. (I.e. what I believe @Torbjørn has in mind for unidirectional counting.)
If the device is the termination point, I believe typically the aggregate of bandwidth to/from the device is counted.
Basically, for the two prior cases, the same packet's bandwidth consumption is only counted once.)
Consider a router with just two gig interfaces. The maximum bandwidth of transit traffic would be 2 gig (although in Cisco parlance this would need a 4 gig fabric). However, the maximum bandwidth to/from the router as a host would be 4 gig, but assuming the router is not the host, but providing transit encryption, again there's only 2 gig.
Where bandwidth licensing seems to vary, is dealing with filtering traffic which drops traffic upon ingress or egress, i.e. does that traffic get counted against a license cap? I believe, generally, dropped ingress traffic is not counted but dropped egress traffic is counted, but you would need to check how a specific bandwidth license count is done.)
