Protocol Agents overview

Protocol Agents are software modules for advanced processing of protocols that require special handling on the Firewall, Layer 2 Firewall, or the IPS engine.

Special handling might be required due to the complexity of the protocols, address information in the data payload, related connections, or other considerations. Protocol elements also associate the traffic with a certain protocol for inspection against the Inspection Policy.

Protocol Agents on Firewalls can:
  • Validate application-level protocol use (for example, FTP command syntax).
  • Open related connections when required (for example, FTP data connections).
  • Modify application data when required (for example, NAT in H.323 data payload).
  • Redirect FTP, HTTP, HTTPS, and SMTP connections to proxy services.

Protocol Agents on Layer 2 Firewalls and IPS engines can:
  • Validate application-level protocol use (for example, FTP command syntax).
  • Open related connections when required (for example, FTP data connections).

Some protocols require the use of the correct Protocol Agent to pass inspection by the Firewall, Layer 2 Firewall, or the IPS engine when traffic is handled using stateful inspection.
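
The following Python sketch is an added illustration, not code from the product. It shows why FTP needs this handling under stateful inspection: the data connection's endpoint is negotiated inside the control channel, so an agent must validate the PORT command, derive the one related connection to allow, and rewrite the payload when NAT applies. The function names, the returned dictionary, and the two deny rules (address mismatch, privileged port) are assumptions made for this example.

```python
import ipaddress
import re

# RFC 959 active mode: "PORT h1,h2,h3,h4,p1,p2" terminated by CRLF, nothing else.
PORT_RE = re.compile(r"PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n")


def inspect_port_command(line, client_ip, server_ip):
    """Validate a PORT command seen on an FTP control connection.

    Returns ("allow", expectation) describing the single related data
    connection to permit, or ("deny", reason).
    """
    m = PORT_RE.fullmatch(line)
    if not m:
        return ("deny", "malformed PORT command")
    octets = [int(g) for g in m.groups()]
    if any(o > 255 for o in octets):
        return ("deny", "octet out of range")
    addr = ipaddress.IPv4Address(".".join(str(o) for o in octets[:4]))
    port = octets[4] * 256 + octets[5]
    # Assumed policy: the advertised address must be the control connection's
    # own client, so the server cannot be pointed at a third host.
    if addr != ipaddress.IPv4Address(client_ip):
        return ("deny", "PORT address differs from control-connection client")
    # Assumed policy: data connections to well-known ports are refused.
    if port < 1024:
        return ("deny", "PORT targets a privileged port")
    # In active mode the server connects back to the client's advertised port.
    return ("allow", {"src": server_ip, "dst": str(addr),
                      "dst_port": port, "proto": "tcp"})


def rewrite_port_for_nat(expectation, nat_ip):
    """Rebuild the PORT line with the translated address (NAT in the payload)."""
    hi, lo = divmod(expectation["dst_port"], 256)
    return "PORT {},{},{}\r\n".format(nat_ip.replace(".", ","), hi, lo)


if __name__ == "__main__":
    # Constructed sample input using documentation address ranges.
    verdict, exp = inspect_port_command("PORT 192,0,2,10,195,80\r\n",
                                        "192.0.2.10", "198.51.100.5")
    print(verdict, exp)
    print(repr(rewrite_port_for_nat(exp, "203.0.113.7")))
```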