Unknown or unidentified protocol traffic that appears in an ISA Server report does not indicate that damaging network traffic has been sent to the ISA Server computer. ISA Server cannot identify all protocols. Therefore, ISA Server may classify many protocols or types of network traffic as unknown. ISA Server considers the following network traffic to be unknown or unidentified:
- Network traffic that does not match any protocol definition. This traffic typically includes primary connections.
- Network traffic that no application filter takes responsibility for. This traffic typically includes secondary connections.
Note By default, ISA Server's monitoring tool does not include the transport in the display. If you right-click a field on the top of the first set of headers in the
Logging tab, you can select
Add/remove columns. Here you can configure the fields that will be visible. You may want to add the transport field, among others, to help you determine the protocol definition that you want to create to filter a particular traffic type.