Configuring protocol definitions
Microsoft Internet Security and Acceleration (ISA) Server includes a wide variety of preconfigured protocol definitions, which you can use when you create protocol rules or server publishing rules. Server publishing rules use protocol definitions whose direction is inbound. For more information, see Server publishing rules and Protocol rules.
Application filters may also include protocol definitions, which are installed either with ISA Server or when you install the filter later. You can further expand the set of protocol definitions by using ISA Management to create your own.
For more information, see Protocol rules and Create a protocol definition.
User-defined protocol definitions can be edited or deleted. Protocol definitions installed with application filters cannot be modified, although they can be deleted. Protocol definitions included with ISA Server cannot be modified or deleted.
When you create a protocol definition, you specify the following:
Port number. This is a port number between 1 and 65535 that is used for the initial connection.
Low-level protocol. Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).
Direction. For UDP: Send only, Receive only, Send receive, or Receive send. For TCP: Inbound or Outbound.
(Optional) Secondary connections. This is the range of port numbers, protocol, and direction used for additional connections or packets that follow the initial connection. You can configure one or more secondary connections.
You can configure the direction of the traffic flow when you create a protocol definition. The direction you specify determines which side may initiate the communication and which packets are passed. For TCP, the direction determines the direction of the initial communication. For UDP, the direction determines the flow of traffic. For example, you can configure a protocol rule that allows internal clients to initiate TCP communication on port 80 by specifying the direction as Outbound. The server with which the client is communicating can respond to the client request but cannot initiate communication.
You can use the taskpad to create a protocol rule that allows users to access the Internet using only specific Web protocols. The table below lists the Web protocol definitions that are preconfigured when you install ISA Server, either by ISA Server or by an application filter installed with ISA Server.
File Transfer Protocol (FTP), used for copying files between hosts. Low-level protocol: Transmission Control Protocol (TCP). Application filter: FTP access filter.
FTP Download Only: FTP, used for downloading files from FTP server to FTP client. Application filter: FTP access filter.
Menu-driven front end to other Internet services, including Archie and Wide Area Information Server (WAIS).
Hypertext Transfer Protocol (HTTP), used to implement the World Wide Web.
Version of HTTP that uses Secure Sockets Layer (SSL) for encryption.
Application filters and protocol definitions
Protocol definitions that are included with application filters do not have secondary connections. This is because the application filter itself informs the ISA Server computer which secondary connections to open for the client, according to the specific protocols. Here's how it works:
The client opens a primary connection to a server on the Internet.
The ISA Server computer notifies the filter about the connection.
The filter examines the data that is flowing through the primary connection and determines which secondary connection the client is going to use.
The filter informs the ISA Server computer to allow that particular secondary connection.
The ISA Server computer opens the specific port, as indicated by the application filter.
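The direction semantics described earlier (an internal client may initiate TCP port 80 Outbound; the server may answer but never initiate; UDP Send only drops replies) and the five-step filter flow above, as an added Python model that is not ISA Server code or its administration API. ProtocolDefinition, Firewall, ftp_access_filter, INTERNAL_FIRST and REPLIES_OK are my own names; the FTP "227 Entering Passive Mode" reply is the standard RFC 959 message used here to illustrate what the page says the FTP access filter does when it inspects the primary connection.

```python
import re
from dataclasses import dataclass

INTERNAL_FIRST = {"Outbound", "Send only", "Send receive"}            # page's directions where the internal client sends first
REPLIES_OK = {"Inbound", "Outbound", "Send receive", "Receive send"}  # page's directions where the other side may answer

@dataclass
class ProtocolDefinition:
    name: str
    port: int                # port of the initial connection (1-65535)
    proto: str               # "TCP" or "UDP"
    direction: str
    secondary: tuple = ()    # optional static secondary ranges: (proto, low, high, internal_first)

def ftp_access_filter(defn, payload, from_internal):
    """Illustrative filter (my construction): a server's '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)'
    reply on the FTP control session names the data port the client connects to next; open it."""
    if defn.name != "FTP" or from_internal:
        return None
    m = re.search(r"227 .*?\(\d+,\d+,\d+,\d+,(\d+),(\d+)\)", payload)
    return ("TCP", int(m.group(1)) * 256 + int(m.group(2)), True) if m else None  # internal client initiates

class Firewall:
    def __init__(self, definitions, filters=()):
        self.defs = {(d.proto, d.port): d for d in definitions}
        self.filters = list(filters)
        self.sessions = {}   # (proto, port) -> definition that allowed the initial packet
        self.dynamic = {}    # (proto, port, internal_first) -> parent definition, opened by a filter

    def packet(self, proto, port, from_internal, payload=""):  # -> True if the packet is allowed
        key = (proto, port)
        defn = self.sessions.get(key)
        if defn is not None:    # established session: same direction always, reverse only if replies are allowed
            allowed = from_internal == (defn.direction in INTERNAL_FIRST) or defn.direction in REPLIES_OK
        elif key in self.defs and from_internal == (self.defs[key].direction in INTERNAL_FIRST):
            defn = self.sessions[key] = self.defs[key]   # initial connection in the configured direction
            allowed = True
        else:                   # secondary connection of an open session: filter-opened port or static range
            defn = self.dynamic.pop((proto, port, from_internal), None) or next(
                (d for d in self.sessions.values() for p, lo, hi, first in d.secondary
                 if p == proto and lo <= port <= hi and first == from_internal), None)
            allowed = defn is not None
            if allowed:
                self.sessions[key] = defn
        if allowed and port == defn.port:   # application filters inspect the primary connection only
            for f in self.filters:
                opened = f(defn, payload, from_internal)
                if opened:
                    self.dynamic[opened] = defn
        return allowed
```

Port numbers, the constructed "SNMP Trap" and "Media" definitions, and their directions in any trial run are sample values; the model ignores addresses and tracks a session by protocol and port only.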
Some application filters create and install new protocol definitions. When the application filter is disabled, all its protocol definitions are also disabled. That is, traffic that uses the protocol definition is blocked. For example, if you disable the streaming media filter, then all traffic that uses the Windows Media and RealNetworks protocol definitions is blocked.
Other application filters filter traffic of existing protocol definitions, either user-defined or configured by ISA Server. When these application filters are disabled, the protocol definitions that they filter are not disabled. For example, even if you disable the Simple Mail Transfer Protocol (SMTP) filter, traffic that uses the SMTP protocol definitions might still be allowed to pass, unfiltered.
For more information, see Application filters.
Protocol definitions that are installed with ISA Server
The table below lists some of the protocol definitions that are included with ISA Server.
AOL Internet Access
AOL Instant Messenger
Character generator (TCP)
Character generator (UDP)
Domain Name System
DNS (Zone transfer)
Domain Name System (server)
DNS Server - zone transfer
Exchange RPC Server
File Transfer Protocol
File Transfer Protocol - Download only
File Transfer Protocol (server)
FTP Server - Read only
File Transfer Protocol (server) - Read only
H.323 video conferencing
Hypertext Transfer Protocol
Hypertext Transfer Protocol (server)
Secure Hypertext Transfer Protocol
Secure Hypertext Transfer Protocol (server)
Citrix Intelligent Console Architecture
ICQ instant messenger
Internet Key Exchange
Interactive Mail Access Protocol
Secure Interactive Mail Access Protocol
Internet Relay Chat
Kerberos IV authentication
Kerberos V authentication
Lightweight Directory Access Protocol
LDAP GC (Global Catalog)
Secure Lightweight Directory Access Protocol
Microsoft SQL Server
MSN Internet Access
NetBIOS Name Service
Network News Transfer Protocol
Secure Network News Transfer Protocol
Network Time Protocol (UDP)
Post Office Protocol v.2
Post Office Protocol v.3
Secure Post Office Protocol v.3
Point-to-Point Tunneling Protocol
Quote of the day (TCP)
Quote of the day (UDP)
Remote Authentication Dial-In User Service
RDP (Terminal Services)
Remote Desktop Protocol (Terminal Services)
RealAudio / RealVideo
RealNetworks streaming media (PNM)
RealAudio / RealVideo Server
RealNetworks streaming media (PNM) (server)
Routing Information Protocol
Remote Procedure Call
RPC port mapper
Remote Procedure Call port mapper (server)
Real Time Streaming Protocol
Real Time Streaming Protocol (server)
Simple Mail Transfer Protocol
Simple Mail Transfer Protocol (server)
Secure Simple Mail Transfer Protocol
Simple Network Management Protocol
Simple Network Management Protocol - Trap
Trivial File Transfer Protocol
Microsoft streaming media
Windows Media Server
Microsoft streaming media (server)