IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
EPMAP protocol
This protocol allows launching procedures that are remotely hosted (bootstrap) through the distribution of an MS-RPC service’s IP address and protocol. The options of this module may restrict the use of these relays. Dynamic connections can be opened on EPMAP (portmapper).
| Automatically detect and inspect the protocol |
If this protocol has been enabled, it will automatically be used for discovering corresponding packets in filter rules. |
Dynamic connections
As this protocol is used for relaying access to Microsoft services, the following options allow restricting the services and options relayed by the EPMAP server.
| Allow dynamic opening of MS RPC services connections |
This option allows MS RPC services to open connections without having to authorize them explicitly with a filter rule. |
| Block services provided by other servers than the EPMAP server |
If this option has been selected, only services relayed by the connection’s recipient EPMAP server will be authorized. |
| Only relay to Microsoft Exchange services |
If this option has been selected, only Microsoft Exchange services will be relayed by the EPMAP server. |
Support
| Disable intrusion prevention |
When this option is selected, the scan of the EPMAP protocol will be disabled and traffic will be authorized if the filter policy allows it |