Understanding Microsoft RPC ALGs

Microsoft Remote Procedure Call (MS RPC) is the Microsoft implementation of the Distributed Computing Environment (DCE) RPC. Like Sun RPC, MS RPC provides a way for a program running on one host to call procedures in a program running on another host. Because of the large number of RPC services and the need to broadcast, the transport address of an RPC service is dynamically negotiated based on the service program's Universally Unique Identifier (UUID). The specific UUID is mapped to a transport address.

Juniper Networks devices running Junos OS support MS RPC as a predefined service and permit or deny traffic based on a policy you configure. The Application Layer Gateway (ALG) provides the functionality for Juniper Networks devices to handle the dynamic transport address negotiation mechanism of MS RPC, and to ensure UUID-based security policy enforcement. You can define a security policy to permit or deny all RPC requests, or to permit or deny by specific UUID. The ALG also supports route mode and Network Address Translation (NAT) mode for incoming and outgoing requests.
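To make the UUID-based check concrete, the following added example (not Juniper code and not how the Junos ALG is implemented) parses a DCE/RPC bind PDU, extracts the interface UUIDs the client is asking for, and applies a permit list. The `decide` policy function and the constructed sample PDU from `build_bind` are assumptions for illustration; it covers only the UUID check, not the dynamic address negotiation.

```python
import struct
import uuid

BIND = 11  # DCE/RPC connection-oriented PDU type: bind
EPM = uuid.UUID("e1af8308-5d1f-11c9-91a4-08002b14a0fa")  # endpoint mapper interface
NDR = uuid.UUID("8a885d04-1ceb-11c9-9fe8-08002b104860")  # NDR transfer syntax

def bind_interface_uuids(pdu: bytes) -> list:
    """Return the interface (abstract syntax) UUIDs offered in a bind PDU."""
    if len(pdu) < 28:
        raise ValueError("truncated bind PDU")
    if pdu[0] != 5 or pdu[2] != BIND:
        raise ValueError("not a DCE/RPC v5 bind PDU")
    little = (pdu[4] >> 4) == 1  # data representation label: integer byte order
    n_ctx = pdu[24]  # 16-byte common header + frag sizes (4) + assoc group (4)
    off, found = 28, []
    for _ in range(n_ctx):
        if off + 24 > len(pdu):
            raise ValueError("context list runs past end of PDU")
        n_syn = pdu[off + 2]  # transfer syntaxes following this interface
        raw = pdu[off + 4:off + 20]
        found.append(uuid.UUID(bytes_le=raw) if little else uuid.UUID(bytes=raw))
        off += 24 + 20 * n_syn
    return found

def decide(pdu: bytes, permitted: set) -> str:
    """Hypothetical policy: permit only if every offered interface is allowed."""
    try:
        offered = bind_interface_uuids(pdu)
    except ValueError:
        return "deny"  # malformed or non-bind traffic is not passed
    return "permit" if offered and all(u in permitted for u in offered) else "deny"

def build_bind(if_uuid: uuid.UUID) -> bytes:
    """Construct a sample little-endian bind PDU offering one interface."""
    body = struct.pack("<HHI", 4280, 4280, 0)      # max xmit/recv frag, assoc group
    body += struct.pack("<BxH", 1, 0)              # one context element
    body += struct.pack("<HBx", 0, 1) + if_uuid.bytes_le + struct.pack("<I", 3)
    body += NDR.bytes_le + struct.pack("<I", 2)
    hdr = struct.pack("<BBBB4sHHI", 5, 0, BIND, 0x03, b"\x10\x00\x00\x00",
                      16 + len(body), 0, 1)
    return hdr + body

if __name__ == "__main__":
    other = uuid.UUID("00000000-0000-0000-0000-000000000001")  # constructed
    print(decide(build_bind(EPM), {EPM}))    # permit
    print(decide(build_bind(other), {EPM}))  # deny
```

A bind that offers several interfaces is denied unless all of them are on the permit list, so an unlisted interface cannot ride along with a permitted one.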
