MSRPC Protocol Agent

The MSRPC (Microsoft RPC) Protocol Agent allows related connections for the endpoint mapper (EPM) protocol. It also handles NAT modifications for communications between Microsoft Outlook clients and Microsoft Exchange servers.

The MSRPC Protocol Agent supports TCP as the EPM connection method. By default, the Microsoft RPC/ EPM service is available on port 135/tcp and the communications continue using a dynamically allocated port. The Protocol Agent monitors the ports used to dynamically allow the connections based on the port allocation. This removes the need to allow the full range of ports.

If the traffic is Outlook/Exchange traffic, the Protocol Agent can also be used to support NAT for related connections by changing the payload data of the control connection.

On Firewalls, this Protocol Agent has parameters that you can set in the Service properties. On IPS engines and Layer 2 Firewalls, there are no configurable parameters for this Protocol Agent.