Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

An unknown network protocol appears in an ISA Server report


View products that this article applies to.

Introduction

When you generate a report in Microsoft Internet Security and Acceleration (ISA) Server 2004, a protocol value of Unknown may appear for certain network traffic in the Protocols area of the report. You expect ISA Server to identify the protocols that are used to carry network traffic.

↑ Back to the top


More information

Unknown or unidentified protocol traffic that appears in an ISA Server report does not indicate that damaging network traffic has been sent to the ISA Server computer. ISA Server cannot identify all protocols. Therefore, ISA Server may classify many protocols or types of network traffic as unknown. ISA Server considers the following network traffic to be unknown or unidentified:
  • Network traffic that does not match any protocol definition. This traffic typically includes primary connections.
  • Network traffic that no application filter takes responsibility for. This traffic typically includes secondary connections.
Note By default, ISA Server's monitoring tool does not include the transport in the display. If you right-click a field on the top of the first set of headers in the Logging tab, you can select Add/remove columns. Here you can configure the fields that will be visible. You may want to add the transport field, among others, to help you determine the protocol definition that you want to create to filter a particular traffic type.

↑ Back to the top


Keywords: KB838363, kbinfo, kbenv, kbfirewall

↑ Back to the top

Article Info
Article ID : 838363
Revision : 4
Created on : 1/15/2005
Published on : 1/15/2005
Exists online : False
Views : 334