Protocol types with ID numbers of 137 or greater are reserved and undefined at this time. Therefore, there is no way to know in advance if a particular unknown protocol is benign or malicious.
Before You Begin |
---|
For background information, read Understanding Unknown Protocol Protection. |
You can use either J-Web or the CLI configuration editor to drop packets that use an unknown protocol. The specified security zone is the one from which the packets originates.
This topic covers:
To configure zones:
To configure screens:
- user@host# set security zones security-zone
zone screen unknown-protocol
- user@host# set security screen ids-option
unknown-protocol ip unknown-protocol