07-01-2013 02:28 AM
Hi,
-----------------------------------------------------------------------
A new 'cotp' App-ID will be available in the upcoming content update for the ISO transport protocol 8073 over TCP. When allowing applications such as ms-rdp, t.120, and iccp, that use the COTP protocol, a policy change will be required to handle the dependency.
-----------------------------------------------------------------------
ISO8073 is the same as ITU-T Recommendation x.224, right?
Therefore, can we recognize that 'cotp' should identify x.224?
If it is right, why didn't you name the application 'x.224'?
I think x.224 is better known than cotp...
Or Was there any particular reason?
Regards,
Tomoyuki Komure
07-02-2013 06:14 AM
FYI:
Update from PA:
"We received feedback from customers based on the advance notice provided earlier in the week, about impact to security policy for ms-rdp traffic specifically in PAN-OS versions before 5.0. We reviewed it internally and have determined not to release the cotp App-ID now. We will be looking at ways to create App-Ids for applications that use COTP without introducing an explicit dependency for ms-rdp. Sorry for the inconvenience caused."
07-02-2013 04:03 PM
WHat is COTP :COTP app will be used by any ISO applications that have been ported to run on TCP/IP. E.g. X.400 is a mail handling system.
T.120 and MS-RDP also use it.
Reason : This application was earlier identified under iccp .Since iccp and x.400 are based on cotp, COTP decoder was chosen to identify these 2 apps.
HTH
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
