Protocol elements and how they work

Protocol Elements identify traffic as being of a certain network protocol.

Protocol elements can be inserted directly in Inspection rule exceptions. In Access rules, the Protocol elements are always contained in a Service element, which can then be inserted into the Service cell in rules. Some Protocols add options that you can adjust to custom Service elements that you create. You cannot add or modify the Protocol elements directly.

A Protocol element in Access rules identifies the protocol for inspection against Inspection rules. In Inspection rules, the Protocol can be used to limit the scope of exception rules according to the Protocol (as identified in the Access rules) in rules that otherwise match many Protocols. Also, the Protocols might activate some additional software modules on the engines.

This action depends on the type of the Protocol element:
  • Protocol Tag: a Protocol element that does not activate additional modules.
  • Protocol Agent: a Protocol element that activates an additional module on the engines to provide advanced application layer features.