Layer 7 application identification identifies which application a particular packet or flow is generated by, independent of the port that is being used.
Enforcement based on application identity enables users to allow or deny applications to run on any port, or to force applications to run on their standard port. Deep Packet Inspection (DPI) enables matching packet payload against defined patterns, commonly referred to as signatures. Layer 7 service objects can be used for port-independent enforcement or to create new service objects that leverage a combination of Layer 7 application identity, protocol and port. Layer 7 based service objects can be used in the firewall rule table and Service Composer, and application identification information is captured in Distributed Firewall logs, and Flow Monitoring and Application Rule Manager (ARM) when profiling an application.
| GUID | Description | Type |
|---|---|---|
| 360ANTIV | 360 Safeguard is a program developed by Qihoo 360, an IT company based in China | Web Services |
| ACTIVDIR | Microsoft Active Directory | Networking |
| AD_BKUP | Microsoft Active Directory Backup Service | Networking |
| AD_NSP | Microsoft Active Directory Service Provider | Networking |
| AMQP | Advanced Message Queueing Protocol, is an application layer protocol which supports business message communication between applications or organizations | Networking |
| AVAST | Traffic generated by browsing Avast.com official website of Avast! Antivirus downloads | Web Services |
| AVG | AVG Antivirus/Security software download and updates | File Transfer |
| AVIRA | Avira Antivirus/Security software download and updates | File Transfer |
| BLAST | A remote access protocol that compresses, encrypts, and encodes a computing experiences at a data center and transmits it across any standard IP network for VMware Horizon desktops. | Remote Access |
| BDEFNDER | BitDefender Antivirus/Security software download and updates. | File Transfer |
| CA_CERT | Certification authority (CA) issues digital certificates which certifies the ownership of a public key for message encryption | Networking |
| CIFS | CIFS (Common Internet File System) is used to provide shared access to directories, files, printers, serial ports, and miscellaneous communications between nodes on a network | File Transfer |
| CLRCASE | A software tool for revision control of source code and other software development assets. It is developed by the Rational Software division of IBM. ClearCase forms the base of revision control for many large and medium sized businesses and can handle projects with hundreds or thousands of developers | Networking |
| CTRXCGP | Citrix Common Gateway Protocol | Remote Access |
| CTRXGOTO | Hosting Citrix GoToMeeting, or similar sessions based on the GoToMeeting platform. Includes voice, video, and limited crowd management functions | Collaboration |
| CTRXICA | ICA (Independent Computing Architecture) is a proprietary protocol for an application server system, designed by Citrix Systems | Remote Access |
| DCERPC | Distributed Computing Environment / Remote Procedure Calls, is the remote procedure call system developed for the Distributed Computing Environment (DCE) | Networking |
| DIAMETER | An authentication, authorization, and accounting protocol for computer networks | Networking |
| DNS | Querying a DNS server over TCP or UDP | Networking |
| EPIC | Epic EMR is an electronic medical records application that provides patient care and healthcare information. | Client Server |
| ESET | Eset Antivirus/Security software download and updates | File Transfer |
| FPROT | F-Prot Antivirus/Security software download and updates | File Transfer |
| FTP | FTP (File Transfer Protocol) is used to transfer files from a file server to a local machine | File Transfer |
| GITHUB | Web-based Git or version control repository and Internet hosting service | Collaboration |
| HTTP | (HyperText Transfer Protocol) the principal transport protocol for the World Wide Web | Web Services |
| HTTP2 | Traffic generated by browsing websites that support the HTTP 2.0 protocol | Web Services |
| IMAP | IMAP (Internet Message Access Protocol) is an Internet standard protocol for accessing email on a remote server | |
| KASPRSKY | Kaspersky Antivirus/Security software download and updates | File Transfer |
| KERBEROS | Kerberos is a network authentication protocol designed to provide strong authentication for client/server applications by using secret-key cryptography | Networking |
| LDAP | LDAP (Lightweight Directory Access Protocol) is a protocol for reading and editing directories over an IP network | Database |
| MAXDB | SQL connections and queries made to a MaxDB SQL server | Database |
| MCAFEE | McAfee Antivirus/Security software download and updates | File Transfer |
| MSSQL | Microsoft SQL Server is a relational database. | Database |
| NFS | Allows a user on a client computer to access files over a network in a manner similar to how local storage is accessed | File Transfer |
| NTBIOSNS | NetBIOS Name Service. In order to start sessions or distribute datagrams, an application must register its NetBIOS name using the name service | Networking |
| NTP | NTP (Network Time Protocol) is used for synchronizing the clocks of computer systems over the network | Networking |
| OCSP | An OCSP Responder verifying that a user's private key has not been compromised or revoked | Networking |
| ORACLE | An object-relational database management system (ORDBMS) produced and marketed by Oracle Corporation. | Database |
| PANDA | Panda Security Antivirus/Security software download and updates. | File Transfer |
| PCOIP | A remote access protocol that compresses, encrypts, and encodes a computing experiences at a data center and transmits it across any standard IP network. | Remote Access |
| POP2 | POP (Post Office Protocol) is a protocol used by local e-mail clients to retrieve e-mail from a remote server. | |
| POP3 | Microsoft's implementation of NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer names. | |
| RADIUS | Provides centralized Authentication, Authorization, and Accounting (AAA) management for computers to connect and use a network service | Networking |
| RDP | RDP (Remote Desktop Protocol) provides users with a graphical interface to another computer | Remote Access |
| RTCP | RTCP (Real-Time Transport Control Protocol) is a sister protocol of the Real-time Transport Protocol (RTP). RTCP provides out-of-band control information for an RTP flow. | Streaming Media |
| RTP | RTP (Real-Time Transport Protocol) is primarily used to deliver real-time audio and video | Streaming Media |
| RTSP | RTSP (Real Time Streaming Protocol) is used for establishing and controlling media sessions between end points | Streaming Media |
| RTSPS | A secure network control protocol designed for use in entertainment and communications systems to control streaming media servers. The protocol is used for establishing and controlling media sessions between end points. | Streaming Media |
| SIP | SIP (Session Initiation Protocol) is a common control protocol for setting up and controlling voice and video calls | Streaming Media |
| SKIP | Simple Key Management for Internet Protocols (SKIP) is hybrid Key distribution protocol Simple Key Management for Internet Protocols (SKIP) is similar to SSL, except that it establishes a long-term key once, and then requires no prior communication in order to establish or exchange keys on a session-by-session basis. | Networking |
| SMTP | SMTP (Simple Mail Transfer Protocol) An Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP) networks. | |
| SNMP | SNMP (Simple Network Management Protocol) is an Internet-standard protocol for managing devices on IP networks. | Network Monitoring |
| SQLNET | Networking software that allows remote data-access between programs and the Oracle Database, or among multiple Oracle Databases. | Database |
| SQLSERV | SQL Services | Database |
| SSH | SSH (Secure Shell) is a network protocol that allows data to be exchanged using a secure channel between two networked devices. | Remote Access |
| SSL | SSL (Secure Sockets Layer) is a cryptographic protocol that provides security over the Internet. | Web Services |
| SVN | Managing content on a Subversion server. | Database |
| SYMUPDAT | Symantec LiveUpdate traffic, this includes spyware definitions, firewall rules, antivirus signature files, and software updates. | File Transfer |
| SYSLOG | Symantec LiveUpdate traffic, this includes spyware definitions, firewall rules, antivirus signature files, and software updates. | Network Monitoring |
| TELNET | A network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented communications facility using a virtual terminal connection. | Remote Access |
| TFTP | TFTP (Trivial File Transfer Protocol) being used to list, download, and upload files to a TFTP server like SolarWinds TFTP Server, using a client like WinAgents TFTP client. | File Transfer |
| VNC | Traffic for Virtual Network Computing. | Remote Access |
| WINS | Microsoft's implementation of NetBIOS Name Service (NBNS), a name server and service for NetBIOS computer names. | Networking |
