SurfControl Web Filter v5.5 Administrator’s Guide 107
W
EB
F
ILTER
S
ETTINGS
Protocol Signatures Tab
9
PROTOCOL SIGNATURES TAB
The Protocol Signatures tab gives you the ability to enable signature scanning for certain Instant
Messenger, P2P and Web accelerator protocols. These protocols can establish connections with other
devices outside your corporate network, on a range of different ports, and are therefore known to be port-
agile. Web Filter monitors these protocols on specified static ports by default. If you enable protocol
signature scanning, these protocols will also be monitored by signature.
After selecting Enable Protocol Signature Scanning, you can choose a type of scanning method to
detect the Skype protocol:
• Detect Skype on all ports - This option is selected by default, and enables Web Filter to detect the
Skype protocol by signature on all ports. This option provides a higher level of protection but increases
the risk of falsely identifying other traffic as Skype. This option is recommended by SurfControl.
• Detect Skype on standard ports only (HTTP, HTTPS) - The Skype protocol will be detected by
signature on ports 80 (HTTP) and 443 (HTTPS) only. This scanning method provides a lower level of
protection, but decreases the risk of falsely identifying other traffic as Skype. To identify all possible
Skype connections, you must ensure other ports are managed by your firewall.
A full list of protocols which can be monitored by signature, are outlined in the table below:
Caution: Enabling Protocol Signature Scanning may have an impact on the performance of
your Web Filter server.
Table 9-1 Signature scanning protocols
Application Type Protocols
Instant Messaging
• MSN Messenger
• OSCAR (AIM/ICQ)
• XMPP (Jabber)
Peer to Peer (P2P)
•BitTorrent
• eDonkey
• FastTrack (Kazaa)
• Gnutella
• Skype
• Yahoo! Messenger
Web
• Google Web Accelerator