Create Ethernet Service elements

Create a custom Ethernet Service element if you need to match Ethernet-level traffic that is not represented by the default Ethernet Service elements. You can also use a custom Ethernet Service element to change the properties of an Ethernet Service element.

There are predefined Ethernet Service elements that correspond to commonly used Ethernet services. You can use the predefined Ethernet Services if they meet your needs.

CAUTION:
Match any IP traffic you allow in Ethernet rules to the default IPv4 and IPv6 Services. These Services match the traffic using the correct Protocol element. Only IP traffic matched to the correct Protocol element is inspected further against the Access rules. Non-IP traffic is never inspected any further.

Ethernet Services are used in IPS Policies, Layer 2 Firewall Policies, and Layer 2 Interface Policies.

Steps

  1. Select Configuration.
  2. Expand the Other Elements tree.
  3. Right-click Ethernet Services and select New > Ethernet Service.
  4. In the Name field, enter a unique name for the new Ethernet Service.
  5. Select the Ethernet-level protocol and enter the details depending on the protocol:
    Table 1. Required options for each protocol
    Protocol            Option
    Ethernet 2 (DIX)    MAC type
    LLC                 SSAP, DSAP
    SNAP                Vendor, Type
    Note: IEEE assigns the protocol codes. The Raw IPX and Protocol protocols do not have any configurable options.
  6. Click OK.

Ethernet Service Properties dialog box

Use this dialog box to define Ethernet Service properties.

Option              Definition
Protocol            Not editable. Present in the default IPv4 or IPv6 services to direct traffic to further filtering and inspection. Not present in any custom Service elements that you create.
Name                Specifies a unique name for the Service.
Comment             An optional comment for your reference.
Ethernet 2 (DIX)    Enter the EtherType code of the protocol that the traffic uses.
  Type              The EtherType code of the protocol that the traffic uses.
Raw IPX (Novell)    Matches IPX (internetwork packet exchange) traffic.
LLC                 LLC (logical link control protocol) options.
  SSAP              The SSAP (source service access point) address that the traffic uses.
  DSAP              The DSAP (destination service access point) address that the traffic uses.
SNAP                SNAP (subnetwork access protocol) options.
  Vendor            The OUI (organizational unique identifier) that the traffic uses.
  Type              The type that the traffic uses.
Select              Select the Ethernet-level protocol and enter the details depending on the protocol.
Category            Shows the assigned category.
Select              Opens the Category Selection dialog box.
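
To find the values a custom Ethernet Service asks for, it helps to see how the framings listed above are told apart in a captured frame. The following Python sketch is an added example, not part of the product or its documentation: the function names and sample frames are constructed, VLAN tags are not unwrapped, and IPv4/IPv6 EtherTypes are flagged because the caution above assigns them to the default Services.

```python
import struct

IP_ETHERTYPES = {0x0800: "IPv4", 0x86DD: "IPv6"}  # IEEE-assigned EtherTypes

def classify_frame(frame: bytes) -> dict:
    """Identify the framing of one untagged Ethernet frame and return the
    values the corresponding Ethernet Service option asks for."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (type_or_len,) = struct.unpack_from("!H", frame, 12)
    if type_or_len >= 0x0600:            # 1536 and above is an EtherType
        return {"protocol": "Ethernet 2 (DIX)", "type": type_or_len}
    if type_or_len > 1500:               # 1501-1535 is neither length nor type
        raise ValueError("type/length field in undefined range")
    body = frame[14:]                    # 802.3 length field: inspect the payload
    if len(body) < 3:
        raise ValueError("truncated LLC header")
    if body[:2] == b"\xff\xff":          # raw IPX begins with checksum FFFF
        return {"protocol": "Raw IPX (Novell)"}
    dsap, ssap = body[0], body[1]
    if (dsap, ssap) == (0xAA, 0xAA):     # SNAP header follows the LLC header
        if len(body) < 8:
            raise ValueError("truncated SNAP header")
        (snap_type,) = struct.unpack_from("!H", body, 6)
        return {"protocol": "SNAP", "vendor": body[3:6].hex(), "type": snap_type}
    return {"protocol": "LLC", "ssap": ssap, "dsap": dsap}

def service_to_use(frame: bytes) -> str:
    """IPv4/IPv6 EtherTypes belong to the default Services (see the caution);
    everything else is a candidate for a custom Ethernet Service."""
    info = classify_frame(frame)
    if info["protocol"] == "Ethernet 2 (DIX)" and info["type"] in IP_ETHERTYPES:
        return f"default {IP_ETHERTYPES[info['type']]} Service"
    return "custom Ethernet Service"

# Constructed sample frames: destination MAC + source MAC + type/length + payload.
MACS = bytes.fromhex("0180c2000000" "020000000001")
SAMPLES = {
    "ipv4": MACS + bytes.fromhex("0800") + b"\x45" + bytes(19),
    "arp":  MACS + bytes.fromhex("0806") + bytes(28),
    "stp":  MACS + bytes.fromhex("0026" "424203") + bytes(35),
    "cdp":  MACS + bytes.fromhex("0020" "aaaa03" "00000c" "2000") + bytes(24),
    "ipx":  MACS + bytes.fromhex("001e" "ffff") + bytes(28),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:5} {classify_frame(frame)} -> {service_to_use(frame)}")
```

The hexadecimal values in each result are the ones to enter in the Type, SSAP, DSAP, or Vendor fields of the dialog box.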