Configuring protocol definitions

Microsoft Internet Security and Acceleration (ISA) Server includes a wide variety of preconfigured protocol definitions, which you can use when you create protocol rules or server publishing rules. Server publishing rules use protocol definitions whose direction is inbound. For more information, see Server publishing rules and Protocol rules.

Application filters may also include protocol definitions. These are installed either when you install ISA Server or later, when you install the filter. You can further expand the set of protocol definitions by using ISA Management to create your own.

For more information, see Protocol rules and Create a protocol definition.

User-defined protocol definitions can be edited or deleted. Protocol definitions installed with application filters cannot be modified, although they can be deleted. Protocol definitions included with ISA Server cannot be modified or deleted.

When you create a protocol definition, you specify the following:

Port number. This is a port number between 1 and 65535 that is used for the initial connection.

Low-level protocol. Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).

Direction. Send only, Receive only, Send receive, or Receive send (for UDP), or Inbound or Outbound (for TCP).

(Optional) Secondary connections. This is the range of port numbers, protocol, and direction used for additional connections or packets that follow the initial connection. You can configure one or more secondary connections.

Direction

You can configure the direction of the traffic flow when you create a protocol definition. The direction determines which side may start the exchange and whether the other side may answer. For TCP, the direction determines which side may open the initial connection. For UDP, the direction determines the flow of traffic. For example, you can configure a protocol rule that allows internal clients to initiate TCP communication on port 80 by specifying the direction as Outbound. The server with which the client is communicating can respond to the client request but cannot initiate communication.
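The direction semantics above, as an added example that is not part of the original page and not ISA Server's own code or object model: a small stateful model of a protocol definition (port, low-level protocol, direction, optional secondary connections) and the packets it permits. The class and function names, the "Syslog (UDP)" and "Streaming (hypothetical)" definitions, and the secondary port range are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed model of how the direction of an ISA Server protocol definition
# governs traffic. Illustration only: not ISA Server's own code or object
# model; all class and function names are hypothetical.

@dataclass(frozen=True)
class SecondaryConnection:
    low_port: int
    high_port: int
    protocol: str   # "TCP" or "UDP"
    direction: str  # same vocabulary as the primary direction

@dataclass(frozen=True)
class ProtocolDefinition:
    name: str
    port: int        # 1..65535, used for the initial connection
    protocol: str    # low-level protocol: "TCP" or "UDP"
    direction: str   # TCP: Inbound/Outbound; UDP: Send only/Receive only/Send receive/Receive send
    secondary: tuple = ()   # zero or more SecondaryConnection

    def __post_init__(self):
        if not 1 <= self.port <= 65535:
            raise ValueError("port number must be between 1 and 65535")
        valid = {"TCP": {"Inbound", "Outbound"},
                 "UDP": {"Send only", "Receive only", "Send receive", "Receive send"}}
        if self.direction not in valid[self.protocol]:
            raise ValueError(f"{self.direction!r} is not a valid {self.protocol} direction")

@dataclass(frozen=True)
class Packet:
    protocol: str
    service_port: int    # server-side port of the flow (dst port of the first packet, src port of replies)
    from_internal: bool  # True when the internal client side sent it
    initial: bool        # True for the packet that opens the flow (TCP SYN, first UDP datagram)

# direction -> (does the internal side open the flow?, may the other side answer?)
_DIRECTION = {
    "Outbound":     (True,  True),
    "Inbound":      (False, True),
    "Send only":    (True,  False),
    "Receive only": (False, False),
    "Send receive": (True,  True),
    "Receive send": (False, True),
}

class ProtocolRule:
    """Stateful evaluation of packets against one protocol definition."""

    def __init__(self, definition: ProtocolDefinition):
        self.defn = definition
        self.open_flows = set()  # (protocol, service_port) whose initial packet was accepted

    def _check(self, pkt, protocol, direction):
        if pkt.protocol != protocol:
            return False
        initiator_internal, replies_ok = _DIRECTION[direction]
        key = (pkt.protocol, pkt.service_port)
        if pkt.initial:
            if pkt.from_internal != initiator_internal:
                return False          # the wrong side tried to open the flow
            self.open_flows.add(key)
            return True
        if key not in self.open_flows:
            return False              # no accepted initial packet for this flow
        # Later packets from the initiator belong to the flow; packets from the
        # other side are only allowed when the direction permits replies.
        return pkt.from_internal == initiator_internal or replies_ok

    def permits(self, pkt: Packet) -> bool:
        if pkt.service_port == self.defn.port:
            return self._check(pkt, self.defn.protocol, self.defn.direction)
        # Secondary connections count only once the primary connection is open.
        if (self.defn.protocol, self.defn.port) not in self.open_flows:
            return False
        for sec in self.defn.secondary:
            if sec.low_port <= pkt.service_port <= sec.high_port:
                return self._check(pkt, sec.protocol, sec.direction)
        return False

def demo():
    """Replays constructed traffic against three definitions; returns the verdicts in order."""
    http = ProtocolRule(ProtocolDefinition("HTTP", 80, "TCP", "Outbound"))
    verdicts = [
        http.permits(Packet("TCP", 80, from_internal=True, initial=True)),    # client opens: allowed
        http.permits(Packet("TCP", 80, from_internal=False, initial=False)),  # server answers: allowed
        http.permits(Packet("TCP", 80, from_internal=False, initial=True)),   # server initiates: blocked
    ]
    send_only = ProtocolRule(ProtocolDefinition("Syslog (UDP)", 514, "UDP", "Send only"))
    verdicts += [
        send_only.permits(Packet("UDP", 514, from_internal=True, initial=True)),    # allowed
        send_only.permits(Packet("UDP", 514, from_internal=False, initial=False)),  # no replies: blocked
    ]
    media = ProtocolRule(ProtocolDefinition(
        "Streaming (hypothetical)", 554, "TCP", "Outbound",
        secondary=(SecondaryConnection(6970, 7170, "UDP", "Receive only"),)))
    verdicts += [
        media.permits(Packet("UDP", 7000, from_internal=False, initial=True)),  # primary not open: blocked
        media.permits(Packet("TCP", 554, from_internal=True, initial=True)),    # primary opens: allowed
        media.permits(Packet("UDP", 7000, from_internal=False, initial=True)),  # secondary now allowed
    ]
    return verdicts
```

The point to take from `demo()` is that an Outbound TCP definition never lets the external side open a connection, even on a port the rule covers, and that a secondary range is worthless on its own: it only admits traffic while the primary connection that the definition names is open.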

Web protocols

You can use the taskpad to create a protocol rule that allows users to access the Internet using only specific Web protocols. The table below lists the Web protocol definitions that are preconfigured when you install ISA Server, either by ISA Server or by an application filter installed with ISA Server.

Name               Port number  Protocol type  Defined by         Description
FTP                21           TCP            FTP access filter  File Transfer Protocol (FTP), used for copying files between hosts.
FTP Download Only  21           TCP            FTP access filter  FTP, used for downloading files from an FTP server to an FTP client.
Gopher             70           TCP            ISA Server         Menu-driven front end to other Internet services, including Archie and Wide Area Information Server (WAIS).
HTTP               80           TCP            ISA Server         Hypertext Transfer Protocol (HTTP), used to implement the World Wide Web.
HTTPS              443          TCP            ISA Server         Version of HTTP that uses Secure Sockets Layer (SSL) for encryption.

Application filters and protocol definitions

Protocol definitions that are included with application filters do not have secondary connections. This is because the application filter itself informs the ISA Server computer which secondary connections to open for the client, according to the specific protocols. Here's how it works:

1. The client opens a primary connection to a server on the Internet.

2. The ISA Server computer notifies the filter about the connection.

3. The filter examines the data that is flowing through the primary connection and determines which secondary connection the client is going to use.

4. The filter informs the ISA Server computer to allow that particular secondary connection.

5. The ISA Server computer opens the specific port, as indicated by the application filter.

Some application filters create and install new protocol definitions. When the application filter is disabled, all its protocol definitions are also disabled. That is, traffic that uses the protocol definition is blocked. For example, if you disable the streaming media filter, then all traffic that uses the Windows Media and RealNetworks protocol definitions is blocked.

Other application filters filter traffic of existing protocol definitions, either user-defined or configured by ISA Server. When these application filters are disabled, the protocol definitions that they filter are not disabled. For example, even if you disable the Simple Mail Transfer Protocol (SMTP) filter, SMTP protocol definitions might still be allowed to pass (unfiltered).
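The five-step exchange between the ISA Server computer and an application filter, together with the two disable behaviours just described, as an added example that is not part of the original page and not ISA Server's or any filter's own code. The filter is modelled on the role of the FTP access filter described above: it reads the control (primary) connection, and the passive-mode reply it parses ("227 ... (h1,h2,h3,h4,p1,p2)") is standard FTP. Class and method names, the SMTP filter's inspection logic, and the addresses and ports in the session are all constructed for illustration.

```python
import re

# Constructed simulation of an ISA Server computer working with an application
# filter when a client's primary connection leads to a secondary connection.
# Illustration only: not ISA Server's or a filter's own code; names are hypothetical.

PASV_REPLY = re.compile(r"227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")

class FtpAccessFilter:
    """Installs its own protocol definition and inspects the control connection."""
    name = "FTP access filter"
    ports = (21,)
    installs = (("FTP", 21),)   # definitions the filter brings with it

    def inspect(self, isa, client, server, data):
        # Step 3: work out the secondary connection the client is about to use.
        m = PASV_REPLY.search(data)
        if m:
            host = ".".join(m.group(i) for i in range(1, 5))
            port = int(m.group(5)) * 256 + int(m.group(6))
            # Step 4: tell the ISA Server computer to allow exactly that connection.
            isa.allow_secondary(client, host, "TCP", port)

class SmtpFilter:
    """Filters traffic of the existing SMTP definition; installs no definition of its own."""
    name = "SMTP filter"
    ports = (25,)
    installs = ()

    def __init__(self):
        self.seen = []   # what the filter inspected (stands in for content filtering)

    def inspect(self, isa, client, server, data):
        self.seen.append(data)

class IsaServer:
    def __init__(self):
        self.definitions = {}   # port -> (definition name, owner)
        self.filters = {}       # filter name -> [filter, enabled]
        self.primary = set()    # (client, server, port) primary connections allowed
        self.secondary = set()  # (client, server, proto, port) opened at a filter's request

    def add_definition(self, name, port, owner="ISA Server"):
        self.definitions[port] = (name, owner)

    def install_filter(self, f):
        self.filters[f.name] = [f, True]
        for name, port in f.installs:
            self.add_definition(name, port, owner=f.name)

    def set_filter_enabled(self, name, enabled):
        self.filters[name][1] = enabled

    def connect(self, client, server, port):
        """Step 1: the client opens a primary connection. Returns True if allowed."""
        if port not in self.definitions:
            return False
        _, owner = self.definitions[port]
        if owner in self.filters and not self.filters[owner][1]:
            return False   # definition installed by a disabled filter: blocked
        self.primary.add((client, server, port))
        return True

    def data_on_primary(self, client, server, port, data):
        """Step 2: notify every enabled filter that handles this connection."""
        if (client, server, port) not in self.primary:
            return
        for f, enabled in self.filters.values():
            if enabled and port in f.ports:
                f.inspect(self, client, server, data)

    def allow_secondary(self, client, server, proto, port):
        self.secondary.add((client, server, proto, port))

    def connect_secondary(self, client, server, proto, port):
        """Step 5: only the port the filter asked for is open, and only once."""
        key = (client, server, proto, port)
        if key in self.secondary:
            self.secondary.discard(key)
            return True
        return False

def demo():
    """Runs a constructed FTP session and the filter-disable cases; returns the outcomes."""
    isa = IsaServer()
    isa.add_definition("SMTP", 25)        # included with ISA Server itself
    isa.install_filter(FtpAccessFilter())
    smtp = SmtpFilter()
    isa.install_filter(smtp)
    c, s = "10.0.0.5", "203.0.113.7"    # constructed client and server addresses
    out = {}
    out["ftp_control"] = isa.connect(c, s, 21)
    out["data_before_pasv"] = isa.connect_secondary(c, s, "TCP", 50001)
    isa.data_on_primary(c, s, 21, "227 Entering Passive Mode (203,0,113,7,195,81)\r\n")  # 195*256+81 = 50001
    out["data_after_pasv"] = isa.connect_secondary(c, s, "TCP", 50001)
    out["data_other_port"] = isa.connect_secondary(c, s, "TCP", 50002)
    out["data_reused"] = isa.connect_secondary(c, s, "TCP", 50001)
    isa.set_filter_enabled("FTP access filter", False)   # its FTP definition is blocked too
    out["ftp_filter_disabled"] = isa.connect(c, s, 21)
    isa.set_filter_enabled("SMTP filter", False)         # SMTP still passes, but unfiltered
    out["smtp_filter_disabled"] = isa.connect(c, s, 25)
    isa.data_on_primary(c, s, 25, "MAIL FROM:<user@example.com>\r\n")
    out["smtp_inspected"] = len(smtp.seen)
    return out
```

Two things the run makes concrete: the data port is closed before the filter has seen the server's passive-mode reply and closed again once the one announced connection has been made, so the firewall never has to hold a static range open; and disabling a filter that installed a definition (FTP) blocks that protocol, whereas disabling a filter that merely inspects an ISA Server definition (SMTP) leaves the protocol open with nothing inspecting it.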

For more information, see Application filters.

Protocol definitions that are installed with ISA Server

The table below lists some of the protocol definitions that are included with ISA Server.

Protocol name                  Description
AOL                            AOL Internet Access
AOL Instant Messenger
Archie
BOOTP                          Bootstrap
Chargen (TCP)                  Character generator (TCP)
Chargen (UDP)                  Character generator (UDP)
Daytime (TCP)
Daytime (UDP)
Destination Unreachable
Discard (TCP)
Discard (UDP)
DNS                            Domain Name System
DNS (Zone transfer)
DNS Server                     Domain Name System (server)
DNS Server - zone transfer
Echo (TCP)
Echo (UDP)
Echo Reply
Echo Request
Exchange RPC Server
Finger
FTP                            File Transfer Protocol
FTP Download-only              File Transfer Protocol - Download only
FTP Server                     File Transfer Protocol (server)
FTP Server - Read only         File Transfer Protocol (server) - Read only
Gopher
H.323                          H.323 video conferencing
HTTP                           Hypertext Transfer Protocol
HTTP Server                    Hypertext Transfer Protocol (server)
HTTPS                          Secure Hypertext Transfer Protocol
HTTPS Server                   Secure Hypertext Transfer Protocol (server)
ICA                            Citrix Intelligent Console Architecture
ICQ                            ICQ instant messenger
Ident
IKE                            Internet Key Exchange
IMAP4                          Interactive Mail Access Protocol
IMAPS                          Secure Interactive Mail Access Protocol
IRC                            Internet Relay Chat
Kerberos-Adm                   Kerberos administration
Kerberos-IV                    Kerberos IV authentication
Kerberos-Sec                   Kerberos V authentication
LDAP                           Lightweight Directory Access Protocol
LDAP GC (Global Catalog)
LDAPS                          Secure Lightweight Directory Access Protocol
Microsoft SQL Server
MSN                            MSN Internet Access
MSN Messenger
Net2Phone
Net2Phone Registration
NetBIOS Datagram
NetBIOS Name Service
NetBIOS Session
NNTP                           Network News Transfer Protocol
NNTPS                          Secure Network News Transfer Protocol
NTP (UDP)                      Network Time Protocol (UDP)
Parameter Problem
POP2                           Post Office Protocol v.2
POP3                           Post Office Protocol v.3
POP3S                          Secure Post Office Protocol v.3
PPTP                           Point-to-Point Tunneling Protocol
Quote (TCP)                    Quote of the day (TCP)
Quote (UDP)                    Quote of the day (UDP)
RADIUS                         Remote Authentication Dial-In User Service
RADIUS Accounting
RDP (Terminal Services)        Remote Desktop Protocol (Terminal Services)
RealAudio / RealVideo          RealNetworks streaming media (PNM)
RealAudio / RealVideo Server   RealNetworks streaming media (PNM) (server)
Redirect
RIP                            Routing Information Protocol
Rlogin                         Remote login
RPC                            Remote Procedure Call
RPC port mapper                Remote Procedure Call port mapper (server)
RTSP                           Real Time Streaming Protocol
RTSP Server                    Real Time Streaming Protocol (server)
SMTP                           Simple Mail Transfer Protocol
SMTP Server                    Simple Mail Transfer Protocol (server)
SMTPS                          Secure Simple Mail Transfer Protocol
SNMP                           Simple Network Management Protocol
SNMP Trap                      Simple Network Management Protocol - Trap
Source Quench
SSH                            Secure Shell
Syslog
Telnet
Telnet Server
TFTP                           Trivial File Transfer Protocol
Time (TCP)
Time (UDP)
Time Exceeded
Timestamp Reply
Timestamp Request
Whois                          Nickname/Whois protocol
Windows Media                  Microsoft streaming media
Windows Media Server           Microsoft streaming media (server)



© 2016 Microsoft Corporation. All rights reserved.