Protocol Control Technical Specifications

Protocol Control blocks unwanted protocols from entering or leaving your protected network. Unwanted protocols might include Instant Messaging and Peer-to-Peer (P2P). For example, you might want to block users from playing some video games and from streaming media.

Protocol Control uses signatures to identify "rogue" or unwanted protocols on all ports. Many protocols, such as Instant Messaging and Peer-to-Peer, are difficult to block with a traditional firewall because of their "port hopping" behavior. If clients are blocked after trying to connect through their default port, they will connect over port 80 or port 25. Port 80 and port 25 cannot be blocked without blocking Web and e-mail traffic. Protocol Control can identify this hopping behavior, and log and block the connections.

If Protocol Control is not pre-configured for a protocol that you want to block, you can use the Untangle Server's user interface to create custom rules to block additional protocols.

What It Does

Transparently scans application data stream, logging and blocking designated protocols

How It Does It

• Uses L7-Filter Netfilters to classify protocols based on OSI layer 7 data, regardless of port or port-hopping
• Uses Untangle custom scanning engine, default settings, tuning and updates

Controls

• Default settings include a wide array of protocol signatures that can be configured for logging and/or blocking
  
• Custom signatures can be added