Deployment Guide
v5.0
Search this version
Deployment Guide
Deployment Guide
Title
Message
Create new category
What is the title of your new category?
Edit page index title
What is the title of the page index?
Edit category
What is the new title of your category?
Edit link
What is the new title and URL of your link?
Protocols Supported For Inspection and Analysis
Copy Markdown
Open in ChatGPT
Open in Claude
Our NDR provides full protocol decoding, anomaly detection, structured logging, and file extraction support for the protocols below.
Detailed Protocol Support Table:
| Protocol Category | Protocol | Decoding | Anomaly Detection | File Extraction | Logging | Notes |
|---|---|---|---|---|---|---|
| Link / L2 | Ethernet / VLAN / QinQ | Yes | Yes | No | Yes | Full header parsing |
| Network | IPv4 / IPv6 / ICMP | Yes | Yes | No | Yes | Fragment reassembly |
| Transport | TCP / UDP | Yes | Yes | No | Yes | Stream reassembly |
| Application (IT) | HTTP / HTTP2 | Yes | Yes | Yes | Yes | URI, headers, body |
| Application (IT) | TLS | Yes | Yes | No | Yes | JA3 / JA4 / certs |
| Application (IT) | DNS | Yes | Yes | No | Yes | Query/response |
| Application (IT) | SMTP | Yes | Yes | Yes | Yes | Attachments |
| Application (IT) | SSH | Yes | Yes | No | Yes | Version / key exchange |
| Application (IT) | SMB (v1–v3) | Yes | Yes | Yes | Yes | File transfers |
| Application (IT) | FTP | Yes | Yes | Yes | Yes | Data channel |
| Application (IT) | RDP | Yes | Yes | No | Yes | Basic session |
| Application (IT) | QUIC | Yes | Yes | No | Yes | JA4 / ALPN |
| OT / ICS | Modbus | Yes | Yes | Yes | Yes | Industrial commands |
| OT / ICS | DNP3 | Yes | Yes | No | Yes | SCADA |
| OT / ICS | ENIP / CIP | Yes | Yes | Yes | Yes | Rockwell |
| OT / ICS | S7comm | Yes | Yes | Yes | Yes | Siemens |
| OT / ICS | BACnet | Yes | Yes | No | Yes | Building automation |
| OT / ICS | IEC104 | Yes | Yes | No | Yes | Power grid |
| VoIP | SIP / SDP | Yes | Yes | No | Yes | Session setup |
VariableType to search · ESC to discard
GlossaryType to search · ESC to discard
InsertType to search · ESC to discard
No matches
Last updated on
Was this page helpful?
Next to read:
Communication Ports and Protocolsnull
Discard Changes
Do you want to discard your current changes and overwrite with the template?
Archive Synced Block
Message
Create new Template
What is this template's title?
Delete Template
Message