Policy: Firewall-VPN
Last Modified: Wed Oct 27 07:28:53 2004



Security
NAT
Desktop
CheckPoint
Nodes
Networks
ObjectGroups
AddressRanges
DynamicObjects
Services
ServiceGroups
Resources
Times
Servers
Users
UserGroups
Communities
Services

TypeServicePolicy
Load
SpecificationPropertiesComments
TCP
AOL
Keep
Port: 5190

Advanced

AOL Instant Messenger. Also used by: ICQ &
Apple iChat
Keep
Port: 2626

Advanced

Defender Authentication service
Keep
Port: 2626

Advanced

Defender Authentication service
Keep
Port: 411

Advanced

Backage trojan
Keep
Port: 5000

Advanced

Also used by: Blazer5 , Bubbel and Back-door
trojans
Keep
Port: 1494

Advanced

Citrix ICA general Service.
Keep
Port: 16384

Advanced

 
CPD
Keep
Port: 18191

Advanced

Check Point Daemon Protocol
Keep
Port: 18192

Advanced

Check Point Internal Application Monitoring
Keep
Port: 18190

Advanced

Check Point Management Interface
Keep
Port: 18262

Advanced

Check Point Extranet public key resolution
Keep
Port: 18263

Advanced

Check Point Extranet remote objects
resolution
Keep
Port: 18221

Advanced

Check Point Redundant Management Protocol
Keep
Port: 18205

Advanced

Check Point Reporting Client Protocol
Keep
Port: 18202

Advanced

Check Point Real Time Monitoring
Keep
Port: 4433

Advanced

Check Point Smart Portal
Keep
Port: 444

Advanced

SSL Network Extender port
Keep
Port: 4444

Advanced

CrackDown trojan
Keep
Port: 455

Advanced

The Client listening port
Keep
Port: 453

Advanced

The Server listening port
Keep
Port: 1074

Advanced

DaCryptic trojan
Keep
Port: 6129

Advanced

DameWare Mini Remote Control Protocol
Keep
Port: 13

Advanced

Daytime Server Protocol (TCP)
Keep
Port: 1000

Advanced

Also used by: Direct
Connection,Connecter,Insane Network trojans
Keep
Port: 2000

Advanced

Also used by:Insane Network,Last 2000,Remote
Explorer 2000,Senna Spy Trojan Generator
trojans
Keep
Port: 411-412

Advanced

Direct Connect P2P application. Used also by
other clients
Keep
Port: 9

Advanced

Discard Server Protocol (TCP)
Keep
Port: 53

Advanced

Domain Name System Download
Keep
Port: 7

Advanced

Echo Protocol (TCP)
Keep
Port: 4661

Advanced

eDonkey protocol. Used also by other clients.
Keep
Port: 4662

Advanced

eDonkey protocol. Used also by other clients.
Keep
Port: 710

Advanced

Entrust CA Administration Service
Keep
Port: 709

Advanced

Entrust CA Key Management Service
Keep
Port: 512

Advanced

Remote execution (rexec)
Keep
Port: 79

Advanced

UNIX, Finger Protocol
Keep
Port: 7001

Advanced

Also used by: Freak88,NetSnooper Gold trojans
ftp
Keep
Port: 21

Advanced

File Transfer Protocol
Keep
Port: 21

Advanced

File Transfer Protocol with bi-directional
data transfer
Keep
Port: 21

Advanced

File Transfer Protocol - PASV mode only
Keep
Port: 21

Advanced

File Transfer Protocol - PORT mode only
FW1
Keep
Port: 256

Advanced

Check Point VPN-1 & FireWall-1 Service
Keep
Port: 18193

Advanced

Check Point OPSEC Application Monitoring
Keep
Port: 900

Advanced

Check Point VPN-1 & FireWall-1 Client
Authentication (HTTP)
Keep
Port: 259

Advanced

Check Point VPN-1 & FireWall-1 Client
Authentication (Telnet)
Keep
Port: 18208

Advanced

Check Point Remote Installation Protocol
Keep
Port: 18181

Advanced

Check Point OPSEC Content Vectoring Protocol
Keep
Port: 18187

Advanced

Check Point OPSEC Event Logging API
Keep
Port: 18265

Advanced

Check Point Internal CA Management Tools
Keep
Port: 18210

Advanced

Check Point Internal CA Pull Certificate
Service
Keep
Port: 18211

Advanced

Check Point Internal CA Push Certificate
Service
Keep
Port: 18264

Advanced

Check Point Internal CA Fetch CRL and User
Registration Services
Keep
Port: 265

Advanced

Check Point VPN-1 Public Key Transfer
Protocol
Keep
Port: 18184

Advanced

Check Point OPSEC Log Export API
Keep
Port: 257

Advanced

Check Point VPN-1 & FireWall-1 Logs
Keep
Port: 258

Advanced

Check Point Management (Version 4.x)
Keep
Port: 19190

Advanced

Check Point User Authority simple protocol
Keep
Port: 18185

Advanced

Check Point OPSEC Objects Management
Interface
Keep
Port: 18186

Advanced

Check Point OPSEC Objects Management
Interface with Secure Internal Communication
Keep
Port: 18207

Advanced

Check Point Policy Server Logon protocol
Keep
Port: 18231

Advanced

Check Point NG Policy Server Logon protocol
Keep
Port: 18183

Advanced

Check Point OPSEC Suspicious Activity
Monitor API
Keep
Port: 18232

Advanced

Check Point SecuRemote Distribution Server
Protocol
Keep
Port: 65524

Advanced

SecuRemote Distribution Server Protocol (VC
and higher)
Keep
Port: 261

Advanced

Check Point VPN-1 & FireWall-1 Session
Authentication
Keep
Port: 264

Advanced

Check Point VPN-1 SecuRemote Topology
Requests
Keep
Port: 19191

Advanced

Check Point OPSEC User Authority API
Keep
Port: 18182

Advanced

Check Point OPSEC URL Filtering Protocol
Keep
Port: 6970

Advanced

GateCrasher trojan
Keep
Port: 6347

Advanced

Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 6346

Advanced

Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 70

Advanced

The Internet Gopher Protocol
Keep
Port: 8200

Advanced

Remote Computer Access & Sharing
application, also uses HTTP and HTTPS
Keep
Port: 1720

Advanced

videoconference transmissions over IP
networks
Keep
Port: 1720

Advanced

videoconference transmissions over IP
networks
Keep
Port: 31785

Advanced

HackaTack
Keep
Port: 31787

Advanced

HackaTack trojan
Keep
Port: 31788

Advanced

HackaTack trojan
Keep
Port: 31790

Advanced

HackaTack trojan
Keep
Port: 31792

Advanced

HackaTack trojan
Keep
Port: 5500-5503

Advanced

Hotline client connections
Keep
Port: 80

Advanced

Hypertext Transfer Protocol
Keep
Port: 443

Advanced

HTTP protocol over TLS/SSL
Keep
Port: 8080

Advanced

 
Keep
Port: 1027

Advanced

ICKiller
Keep
Port: 113

Advanced

Identify RCS keyword strings in files
Keep
Port: 500

Advanced

IPSEC Internet Key Exchange Protocol over TCP
Keep
Port: 143

Advanced

Interactive Mail Access Protocol
Keep
Port: 5000

Advanced

This port also used by many trojans and the
upnp service
Keep
Port: 1029

Advanced

Also used by: ICQ Nuke 98 trojan
Keep
Port: 1111

Advanced

used for distributing configuration changes
among cluster members and cluster wide
monitoring
Keep
Port: 6660-6670

Advanced

Internet Relay Chat Protocol
Keep
Port: 7000

Advanced

Internet Relay Chat Protocol
Keep
Port: 1024

Advanced

Also used by: Latinus,NetSpy,RAT trojans and
K Display Manager
Keep
Port: 1212

Advanced

Kaos trojan
Keep
Port: 1214

Advanced

FastTrack (KaZaA/Morpheus) P2P Protocol
Keep
Port: 88

Advanced

Kerberos authentication protocol (version 5)
Keep
Port: 17300

Advanced

Kuang2 trojan
Keep
Port: 389

Advanced

Lightweight Directory Access Protocol
Keep
Port: 636

Advanced

Lightweight Directory Access Protocol over
TLS/SSL
Keep
Port: 513

Advanced

Remote login (rlogin)
Keep
Port: 1352

Advanced

Lotus iNotes Web Access Protocol
Keep
Port: 515

Advanced

Also used by: Ramen trojan and printer
service.
Keep
Port: 5025

Advanced

Formerly called Aimster
Keep
Port: 445

Advanced

Microsoft CIFS over TCP
Keep
Port: 4666

Advanced

Mneah trojan
Keep
Port: 1434

Advanced

Microsoft SQL Monitor
Keep
Port: 1433

Advanced

Microsoft SQL Server
Keep
Port: 1863

Advanced

 
Keep
Port: 1863

Advanced

MSN Messenger
Keep
Port: 6891-6900

Advanced

Microsoft Network Messenger File Transfer
Keep
Port: 1035

Advanced

Multidropper trojan
Keep
Port: 3306

Advanced

Supported from version R55W, MySQL database
server
Keep
Port: 6600-6699

Advanced

Napster clients. Also used by: WinMX
Keep
Port: 4444

Advanced

Napster directory connections
Keep
Port: 5555

Advanced

Napster directory connections
Keep
Port: 6666

Advanced

Napster directory connections
Keep
Port: 7777

Advanced

Napster directory connections
Keep
Port: 8888

Advanced

Napster directory connections (Primary)
Keep
Port: 8875

Advanced

 
Keep
Port: 139

Advanced

NetBios Session Service
NCP
Keep
Port: 524

Advanced

Novell NetWare Core Protocol
Keep
Port: 1755

Advanced

Microsoft NetShow (Windows Media Player)
Keep
Port: 15

Advanced

UNIX netstat Protocol, show network status
Keep
Port: 2049

Advanced

Network File System Daemon over TCP
Keep
Port: 119

Advanced

Network News Transfer Protocol
Keep
Port: 123

Advanced

Network Time Protocol (TCP)
Keep
Port: 2649

Advanced

Oracle Application Server (IIOP) NameServer
Keep
Port: 2651

Advanced

Oracle Application Server (IIOP) ORB
Keep
Port: 2000

Advanced

 
Keep
Port: 1570

Advanced

IONA Orbix Daemon (IIOP) Port 1570
Keep
Port: 1571

Advanced

IONA Orbix Daemon (IIOP) Port 1571
Keep
Port: 5631

Advanced

PCs remote access security software, data
Keep
Port: 2299

Advanced

Symantec pcTELECOMMUTE File Synchronization
Keep
Port: 109

Advanced

Post Office Protocol - Version 2
Keep
Port: 110

Advanced

Post Office Protocol - Version 3
Keep
Port: 6667

Advanced

Used by: Dark FTP,EGO,Maniac
rootkit,Moses,ScheduleAgent,SubSeven,Trinity,The
thing,Kaitex,WinSatan trojans.
Keep
Port: 5432

Advanced

Supported from version R55W, PostgreSQL
database server
Keep
Port: 1723

Advanced

Point-to-Point Tunneling Protocol, extension
of PPP
Keep
Port: 6374

Advanced

RainWall high availability daemon
RAT
Keep
Port: 1097-1098

Advanced

RAT trojan (Remote Administration Tool)
Keep
Port: 7070

Advanced

RealNetworks PNA Protocol
Keep
Port: 2998

Advanced

Automatic 'Suspicious Activity Monitoring'
activator
Keep
Port: 3389

Advanced

Microsoft RDP
Keep
Port: 1025

Advanced

Also used by: Fraggle Rock,NetSpy,md5
Backdoor trojans
Keep
Port: 554

Advanced

Real Time Streaming Protocol
Keep
Port: 2000

Advanced

Supported from version R55W, Skinny Client
Control Protocol (SCCP)
Keep
Port: 5510

Advanced

Token based Authentication service (TCP)
Keep
Port: 1337

Advanced

Shadyshell trojan
Keep
Port: 514

Advanced

Remote shell (rsh)
Keep
Port: 5060

Advanced

Session Initiation Protocol over TCP IPv6
Keep
Port: 5060

Advanced

 
Keep
Port: 4000

Advanced

Also used by: Backdoor trojan
Keep
Port: 25

Advanced

Simple Mail Transfer Protocol
Keep
Port: 1

Advanced

Also used by the: tcpmux service
Keep
Port: 1521

Advanced

Oracle SQL*Net Version 1
Keep
Port: 1521

Advanced

part of Oracle SQL*Net Version 2 Services
Keep
Port: 1525

Advanced

part of Oracle SQL*Net Version 2 Services
Keep
Port: 1526

Advanced

part of Oracle SQL*Net Version 2 Services
ssh
Keep
Port: 22

Advanced

secure shell, encrypted and authenticated rsh
Keep
Port: 22

Advanced

Secure Shell, version 1.x block
Keep
Port: 443

Advanced

SSL version 3, dropping anything else.
Keep
Port: 3002

Advanced

Stonesoft StoneBeat Control
Keep
Port: 3001

Advanced

Stonesoft StoneBeat Daemon Heartbeat
Keep
Port: 27374

Advanced

Also used by:Bad
Blood,EGO,Lion,Ramen,Seeker,The
Saint,Tftloader,Webhead trojans
Keep
Port: 1243

Advanced

Also used by: Tiles and Backdoor_g trojans
Keep
Port: 1503

Advanced

H323, Application sharing protocol
Keep
Port: 49

Advanced

Terminal Access Controller Access Control
System over TCP
Keep
Port: >1023

Advanced

TCP Ports 1024-65535
Keep
Port: 23

Advanced

Telnet Protocol
Keep
Port: 3456

Advanced

Terror trojan
Keep
Port: 5534

Advanced

TheFlu trojan
Keep
Port: 37

Advanced

Time Server Protocol (TCP)
Keep
Port: 2004-2005

Advanced

TransScout trojan
Keep
Port: 1524

Advanced

Trinoo trojan
Keep
Port: 1234

Advanced

Also used by: SubSeven Java client
Keep
Port: 540

Advanced

Unix-to-Unix Copy Program
Keep
Port: 210

Advanced

Wide Area Information Servers
Keep
Port: 1494

Advanced

Allows servers to provide applications and
data for attached computer workstations
(Windows)
Keep
Port: 1081

Advanced

WinHole trojan
X11
Keep
Port: 6000-6063

Advanced

X Window System
Keep
Port: 1031

Advanced

Xanadu trojan
Keep
Port: 5050

Advanced

Yahoo Messenger messages
Keep
Port: 5000-5001

Advanced

Yahoo Messenger Voice Chat
Keep
Port: 5100

Advanced

Yahoo Messenger Webcams video
Compound TCP
Cdf
Keep
Port: 80
Compound Service: Cdf
 
http subservice for FloodGate use,Channel
Definition Format
Keep
Port: 80
Compound Service: NetCaster
 
http subservice for FloodGate use, Marimba
Castanet Tuner product
Keep
Port: 80
Compound Service: CDF
 
http subservice for FloodGate use, Microsoft
Channels
Keep
Port: 80
Compound Service: pointcast
 
http subservice for FloodGate use, push web
content
Citrix TCP
 
Port: 1494
 
Citrix ICA printing traffic
UDP
Keep
Port: 1525

Advanced

Archie Internet Protocol, search for files
over FTP servers
Keep
Port: 512

Advanced

UNIX biff Protocol, give notice of incoming
mail messages
Keep
Port: 41170

Advanced

Uses MANOLITO protocol
Keep
Port: 67

Advanced

Bootstrap Protocol Server, users
automatically configured
Keep
Port: 1604

Advanced

Tcp Service for general Citrix browsing
Keep
Port: 19194-19195

Advanced

SecureAgent Authentication service
Keep
Port: 7648-7652

Advanced

person-to-person or group discussions
videoconference
Keep
Port: 13

Advanced

Daytime Server Protocol (UDP)
Keep
Port: 67

Advanced

DHCP relay agent
Keep
Port: 68

Advanced

DHCP reply to enforcement module only
Keep
Port: 67

Advanced

DHCP request from enforcement module only
Keep
Port: 411-412

Advanced

Direct Connect P2P application. Used also by
other clients
Keep
Port: 9

Advanced

Discard Server Protocol (UDP)
Keep
Port: 53

Advanced

Domain Name System Queries
Keep
Port: 18241

Advanced

Check Point End to End Control Protocol
Keep
Port: 7

Advanced

Echo Protocol (UDP)
Keep
Port: 4665

Advanced

eDonkey protocol. Used also by other clients.
Keep
Port: 21300

Advanced

real-time full-duplex voice communication
via the Internet-server
Keep
Port: 18212

Advanced

Check Point ConnectControl Load Agent
Keep
Port: 18233

Advanced

Check Point SecureClient Verification
Keepalive Protocol
Keep
Port: 260

Advanced

Check Point VPN-1 & FireWall-1 SNMP Agent
Keep
Port: 6347

Advanced

Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 6346

Advanced

Also used by: BearShare, ToadNode, Gnucleus,
Xolox, LimeWire
Keep
Port: 3386

Advanced

used only for log resolving
Keep
Port: 2123

Advanced

used only for log resolving
Keep
Port: 2152

Advanced

used only for log resolving
Keep
Port: 1719

Advanced

RAS and associated connections (H.323
protocols)
Keep
Port: 1719

Advanced

Endpoint to Gatekeeper and Gatekeeper to
Gatekeeper communication
Keep
Port: 31789

Advanced

HackaTack trojan
Keep
Port: 31791

Advanced

HackaTack trojan
Keep
Port: 5499

Advanced

Hotline tracker connections
Keep
Port: 4000

Advanced

Mirabilis ICQ versions
IKE
Keep
Port: 500

Advanced

IPSEC Internet Key Exchange Protocol
(formerly ISAKMP/Oakley)
Keep
Port: 22555

Advanced

Vocaltec Internet Phone
Keep
Port: 750

Advanced

secure method for authenticating a request
for service
Keep
Port: 88

Advanced

Kerberos authentication protocol (version 5)
Keep
Port: 1701

Advanced

Layer 2 Tunneling Protocol
Keep
Port: 5004

Advanced

Check Point Meta IP UAM Client-Server
Communication
Keep
Port: 2727

Advanced

Supported from version R55W, Media Gateway
Control Protocol - Call-Agent port
Keep
Port: 2427

Advanced

Supported from version R55W, Media Gateway
Control Protocol - Media Gateway port
Keep
Port: 445

Advanced

Microsoft CIFS over UDP
Keep
Port: 1434

Advanced

Microsoft-SQL-Monitor_UDP
Keep
Port: 1433

Advanced

Microsoft SQL Server
Keep
Port: 1863

Advanced

Microsoft Network Messenger UDP
Keep
Port: 5190

Advanced

Microsoft Network Messenger
Keep
Port: 6901

Advanced

Microsoft Network Messenger Voice
communication
Keep
Port: 1434

Advanced

MS SQL Sapphire /SQL Slammer Worm
Keep
Port: 42

Advanced

Host Name Server
Keep
Port: 138

Advanced

NetBios Datagram Service
Keep
Port: 137

Advanced

NetBios Name Service
Keep
Port: 1812

Advanced

NEW - Remote Authentication Dial-In User
Service
Keep
Port: 1813

Advanced

NEW - Remote Authentication Dial-In User
Service accounting
Keep
Port: 2049

Advanced

Network File System Daemon over UDP (earlier
versions of NFS)
Keep
Port: 1201

Advanced

NoBackO trojan
Keep
Port: 123

Advanced

Network Time Protocol (UDP)
Keep
Port: 5632

Advanced

PCs remote access security software, status
Keep
Port: 1645

Advanced

Remote Authentication Dial-In User Service
Keep
Port: 1646

Advanced

Remote Authentication Dial-In User Service
accounting
Keep
Port: 6372

Advanced

RainWall daemons communication
Keep
Port: 6374

Advanced

RainWall remote management status
Keep
Port: 6373

Advanced

RainWall monitoring
RDP
Keep
Port: 259

Advanced

Check Point VPN-1 FWZ Key Negotiations -
Reliable Datagram Protocol
Keep
Port: 1104

Advanced

RexxRave trojan
rip
Keep
Port: 520

Advanced

Routing Information Protocol
Keep
Port: 521

Advanced

Routing Information Protocol for IPv6
Keep
Port: 5500

Advanced

Token based Authentication service (UDP)
sip
Keep
Port: 5060

Advanced

Session Initiation Protocol
Keep
Port: 5060

Advanced

Session Initiation Protocol
Keep
Port: 161

Advanced

Simple Network Management Protocol
Keep
Port: 161

Advanced

Simple Network Management Protocol - Read
Only
Keep
Port: 162

Advanced

Simple Network Management Protocol Traps
Keep
Port: 9281

Advanced

VPN-1 Embedded/SofaWare commands
Keep
Port: 9282

Advanced

VPN-1 embedded / SofaWare Management Server
(SMS)
Keep
Port: 514

Advanced

UNIX syslog Protocol, control system log
Keep
Port: 49

Advanced

Terminal Access Controller Access Control
System over UDP
Keep
Port: 69

Advanced

Trivial File Transfer Protocol
Keep
Port: 37

Advanced

Time Server Protocol (UDP)
Keep
Port: 18234

Advanced

Check Point tunnel testing application
Keep
Port: >1023

Advanced

UDP Ports 1024-65535
Keep
Port: 2746

Advanced

Check Point VPN-1 SecuRemote IPSEC Transport
Encapsulation Protocol
Keep
Port: 9200

Advanced

Wireless Datagram Protocol: a simplified
protocol suitable for low bandwidth mobile
stations enables a connectionless mode.
Keep
Port: 9202

Advanced

Wireless Datagram Protocol with Wireless
Transport Layer Security
Keep
Port: 9201

Advanced

Wireless Transaction Protocol: a simplified
protocol suitable for low bandwidth mobile
stations enables a connection mode.
Keep
Port: 9203

Advanced

Wireless Transaction Protocol with Wireless
Transport Layer Security
who
Keep
Port: 513

Advanced

UNIX who Protocol, who is on the system
Keep
Port: 6257

Advanced

Also uses Napster ports
Keep
Port: 5000-5010

Advanced

Yahoo Messenger Voice Chat
RPC
Keep
Program Number: 100235
 
SUN NFS/RPC file system cachefs daemon
Keep
Program Number: 100068
 
Calendar Manager Service Daemon
Keep
Program Number: 100005
 
Initiate client access to NFS application
Keep
Program Number: 100003
 
RPCs Network File System (Ordinary)
Keep
Program Number: 100300
 
NIS+ later version provides additional
security and other facilities
Keep
Program Number: 100021
 
RPC, Network Lock Manager
Keep
Program Number: 150001
 
PCs (windows client) password authorization
Keep
Program Number: 100001
 
RPC, Remote statistics
Keep
Program Number: 100008
 
RPC, Shutdown messages
Keep
Program Number: 100232
 
Solstice AdminSuite
Keep
Program Number: 100249
 
SUN SNMP to DMI mapper daemon
Keep
Program Number: 100024
 
Network status monitor daemon
Keep
Program Number: 100083
 
ToolTalk database server
Keep
Program Number: 100007
 
Sun Yellow Pages binder (NIS), provide
servers addressing information
Keep
Program Number: 100009
 
Sun Yellow Pages protocol (NIS), password
server
Keep
Program Number: 100004
 
Sun Yellow Pages directory service (YP)
protocol, now known as NIS
Keep
Program Number: 100028
 
Sun Yellow Pages protocol (NIS), update
service
Keep
Program Number: 100069
 
Sun Yellow Pages protocol (NIS), transfers
NIS maps
ICMP
Keep
Type: 3
Code: -
 
ICMP, destination unreach
Keep
Type: 0
Code: -
 
ICMP, echo reply
Keep
Type: 8
Code: -
 
ICMP, echo request
Keep
Type: 16
Code: -
 
ICMP, info reply
Keep
Type: 15
Code: -
 
ICMP, info request
Keep
Type: 18
Code: -
 
ICMP, mask reply
Keep
Type: 17
Code: -
 
ICMP, mask request
Keep
Type: 12
Code: -
 
ICMP, parameters problem
Keep
Type: 5
Code: -
 
ICMP, route redirect
Keep
Type: 4
Code: -
 
ICMP, source quench
Keep
Type: 11
Code: -
 
ICMP, time to live exceeded
Keep
Type: 13
Code: -
 
ICMP, timestamp request
Keep
Type: 14
Code: -
 
ICMP, timestamp reply
Other
AH
Keep
IP Protocol: 51

Advanced

IPSEC Authentication Header Protocol
Keep
IP Protocol: 17

Advanced

PUSH Web applications, send information
directly to desktops. over the Internet
egp
Keep
IP Protocol: 8

Advanced

Exterior Gateway Protocol, convey
net-reachability information between gateways
ESP
Keep
IP Protocol: 50

Advanced

IPSEC Encapsulating Security Payload Protocol
Keep
IP Protocol: 17

Advanced

FreeTel Incoming Connections
Keep
IP Protocol: 17

Advanced

real-time full-duplex voice communication
via the Internet-client
Keep
IP Protocol: 6

Advanced

FTP Port Mapping Service
Keep
IP Protocol: 94

Advanced

Check Point VPN-1 SecuRemote FWZ
Encapsulation Protocol
ggp
Keep
IP Protocol: 3

Advanced

Gateway-to-Gateway protocol
gre
Keep
IP Protocol: 47

Advanced

 
Keep
IP Protocol: 17

Advanced

GTP Reverse Connections
Keep
IP Protocol: 17

Advanced

GTP version 0 path management
Keep
IP Protocol: 17

Advanced

GTP version 1 path management
Keep
IP Protocol: 6

Advanced

HTTP Port Mapping Service
Keep
IP Protocol: 6

Advanced

HTTP without SCV enforcement
Keep
IP Protocol: 1

Advanced

Internet Control Message Protocol
Keep
IP Protocol: 2

Advanced

Internet Group Management Protocol
Keep
IP Protocol: 9

Advanced

Cisco Interior Gateway Routing Protocol
Keep
IP Protocol: 89

Advanced

Open Shortest Path First Interior GW Protocol
Keep
IP Protocol: -1

Advanced

Filter IPv6 destination addresses based on
mask and length
Keep
IP Protocol: -1

Advanced

Filter IPv6 source addresses based on mask
and length
pim
Keep
IP Protocol: 103

Advanced

 
Keep
IP Protocol: 17

Advanced

Routing Information Protocol - response
Keep
IP Protocol: -1

Advanced

Supported from version R55W, it allows sip
connection to be opened on a dynamic port and
not on the sip well-known port
SIT
Keep
IP Protocol: 41

Advanced

IPv6 encasulated in IPv4
Keep
IP Protocol: 109

Advanced

Sitara Networks Protocol (SpeedSeeker)
Keep
IP Protocol: 41

Advanced

 
Keep
IP Protocol: 57

Advanced

IPSEC Simple Key Management for Internet
Protocols
Keep
IP Protocol: 6

Advanced

SMTP Port Mapping Service
Keep
IP Protocol: 17

Advanced

Simple Network Management Protocol - Read
Only
Keep
IP Protocol: 17

Advanced

UNIX Traceroute, print the route packets
take to network host
Keep
IP Protocol: 17

Advanced

tunnel testing for a module performing the
tunnel test
Keep
IP Protocol: 112

Advanced

Virtual Router Redundancy Protocol
Keep
IP Protocol: 6

Advanced

X Window System With Authorization
ZSP
Keep
IP Protocol: 6

Advanced

Zone Security Protocol
DCE-RPC
Keep
Interface UUID: 00000000-0000-0000-0000-000000000000
Special Service For Allowing All DCE-RPC
Services
Keep
Interface UUID: 99fcfec4-5260-101b-bbcb-00aa0021347a
Object eXport IDentifier Resolver Interface
Keep
Interface UUID: 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57
DCOM Remote Activation
Keep
Interface UUID: 00000143-0000-0000-c000-000000000046
Remote Unknown2 DCOM Interface
Keep
Interface UUID: 000001a0-0000-0000-c000-000000000046
DCOM SystemActivation Interface
Keep
Interface UUID: 9e0c0224-3654-0000-9a8d-08000949ab4c
HP-OV OpC Control Agent
Keep
Interface UUID: 8d5cae88-43c9-0000-94f1-0800096df3a6
HP-OV OpC Control Agent (Bulk)
Keep
Interface UUID: 0d8fe322-d6ee-11d2-b858-0800096df3a6
HP-OV OpC Control Agent (cfgpush)
Keep
Interface UUID: 5df3dc6f-a568-0000-020f-887805000000
HP-OV OpC Distribution Manager
Keep
Interface UUID: e0c92330-3ba9-0000-a38b-0800096df3a6
HP-OV OpC Message receiver (COA)
Keep
Interface UUID: 6e0b494b-d551-0000-020f-88781a000000
HP-OV OpC Message Receiver (M2M)
Keep
Interface UUID: 6d63f833-c0a0-0000-020f-887818000000
HP-OV OpC Message Receiver
Keep
Interface UUID: 12345678-1234-abcd-ef00-01234567cffb
Microsoft Exchange 2000 Active Directory
Logon
Keep
Interface UUID: 1544f5e0-613c-11d1-93df-00c04fd7bd09
Microsoft Exchange 2000 Directory Reference
Keep
Interface UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2
Microsoft Exchange 2000 Directory Replication
Keep
Interface UUID: f5cc5a18-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Services (NSPI)
Keep
Interface UUID: f5cc59b4-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Replication
Services
Keep
Interface UUID: f5cc5a7c-4264-101a-8c59-08002b2f8426
Microsoft Exchange Directory Services XDS
Keep
Interface UUID: a4f1db00-ca47-1067-b31f-00dd010662da
Microsoft Exchange Information Store
Keep
Interface UUID: 9e8ee830-4459-11ce-979b-00aa005ffebe
Microsoft Exchange Message Transfer Agent
Keep
Interface UUID: 89742ace-a9ed-11cf-9c0c-08002be7ae86
Microsoft Exchange Store Administration
Keep
Interface UUID: 469d6ec0-0d87-11ce-b13f-00aa003bac6c
Microsoft Exchange System Attendant
Keep
Interface UUID: 83d72bf0-0d89-11ce-b13f-00aa003bac6c
Microsoft Exchange System Attendant Private
GTP
 
GTP version: v0
Port: 3386

Advanced

 
 
GTP version: v0
Port: 3386

Advanced

 
 
GTP version: v0
Port: 3386

Advanced

 
 
GTP version: v0
Port: 3386

Advanced

 
 
GTP version: v0
Port: 3386

Advanced

GPRS Tunneling Protocol version 0
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152

Advanced

 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152

Advanced

 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152

Advanced

 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152

Advanced

 
 
GTP version: v1
Control Plane Port: 2123
User Plane Port: 2152

Advanced

GPRS Tunneling Protocol version 1

Service Groups

Service GroupMembersComments
AOL
ICQ_locator
AOL Instant Messenger. Also used by: ICQ &
Apple iChat
telnet
ftp
http
login
Authenticated group
microsoft-ds
NBT
Common Internet File System Services
Citrix_ICA
Citrix_ICA_Browsing
group for citrix communication
CPD
FW1
FW1_ica_pull
FW1_log
 
daytime-tcp
daytime-udp
Daytime Protocol group (TCP/UDP)
Direct_Connect_TCP
Direct_Connect_UDP
Direct Connect P2P application. Used also by
other clients
discard-tcp
discard-udp
Discard Protocol group (TCP/UDP)
dns
domain-tcp
domain-udp
Domain Name System (TCP/UDP)
echo-tcp
echo-udp
Echo Protocol group (TCP/UDP)
eDonkey_4661
eDonkey_4662
eDonkey_4665
eDonkey protocol. Used also by other clients.
Entrust-Admin
Entrust-KeyMgmt
Entrust CA Services
FreeTel-outgoing-server
FreeTel-outgoing-client
FreeTel Outgoing Connections
FW1_clntauth_telnet
FW1_clntauth_http
Check Point VPN-1 & FireWall-1 Client
Authentication
GNUtella_rtr_TCP
GNUtella_rtr_UDP
GNUtella_TCP
GNUtella_UDP
GNUtella P2P protocol (used by: BearShare,
ToadNode, Gnucleus, Xolox, LimeWire)
Hotline_client
Hotline_tracker
Hotline P2P protocol
echo-request
info-req
timestamp
mask-request
ICMP, requests group
ZSP
HTTP_wo_SCV
Accessing Integrity Server from SecureClient
AH
ESP
SKIP
IKE
VPN1_IPSEC_encapsulation
IPSEC Services
irc
irc1
irc2
Internet Relay Chat Protocol
kerberos-udp
Kerberos Protocol group (TCP/UDP)
AOL_Messenger
MSN_Messenger
Yahoo_Messenger
 
MS-SQL-Monitor
MS-SQL-Monitor_UDP
MS-SQL-Server
MS-SQL-Server_UDP
MS-SQL Server Protocols
MSExchangeDSNSPI
MSExchangeIS
MSExchangeDirRef
Microsoft Exchange Client-Server over MAPI
MSExchangeADL
MSExchangeDirRep
MSExchangeDirRef
Microsoft Exchange 2000 Extensions
MSExchangeDSXDS
MSExchangeSysAtt
MSExchangeSysAttPriv
MSExchangeStoreAdm
Microsoft Exchange Remote Administration
MSExchangeDSNSPI
MSExchangeDSRep
MSExchangeMTA
Microsoft Exchange MAPI Site Connector
MSN_Messenger_1863_UDP
MSN_Messenger_5190
MSN_Messenger_File_Transfer
MSN_Messenger_Voice
MSNP
MSN Messenger
Napster_Client_6600-6699
Napster_directory_4444
Napster_directory_5555
Napster_directory_6666
Napster_directory_7777
Napster_directory_8888_primary
Napster_redirector
Napster P2P protocol
NBT
nbname
nbdatagram
nbsession
NetBios Services
H323
ldap
Netmeeting group (H323 & Ldap)
NFS
mountd
nfsd
nfsd-tcp
nfsprog
nlockmgr
pcnfsd
Network File System Services
NIS
ypbind
yppasswd
ypserv
ypupdated
ypxfrd
Network Information Services (YP)
ntp
ntp-tcp
ntp-udp
Network Time Protocol group (TCP/UDP)
OAS
OAS-NameServer
OAS-ORB
Oracle Application Server (IIOP)
Orbix-1570
Orbix-1571
IONA Orbix Daemon (IIOP)
Blubster
Direct_Connect
eDonkey
GNUtella
GoToMyPC
Hotline
iMesh
KaZaA
Madster
Napster
WinMX
 
pcANYWHERE-data
pcANYWHERE-stat
Symantec pcANYWHERE
pcANYWHERE
pcTELECOMMUTE-FileSync
Symantec pcTELECOMMUTE
pptp-tcp
gre
Point-to-Point Tunneling group, (pptp & gre)
RainWall_Command
RainWall_Daemon
RainWall_Status
RainWall hi