| Protocol | Description |
|---|
| flashplugin_update | Flash exchanges plug-in version numbers with Adobe servers. |
| adobe_update | The Adobe Update Manager maintains up-to-date versions of Adobe Acrobat Reader software. |
| aim_express | AOL Instant Messaging Express supports many of the standard features included in AIM, but does not provide advanced features like file transfer, audio chat, or video conferencing |
| aim_transfer | AIM is an instant messaging protocol |
| allmusic | Allmusic is an online music guide service website. This plug-in classifies navigation on the AllMusic web service, and MP3 music playback. Video clip streaming is handled by YouTube. |
| altiris | Altiris provides service-oriented management solutions for IT infrastructure management. |
| amazon_adsystem | This protocol plug-in classifies the traffic related to Amazon advertising services. |
| amazon_cloud_drive | Amazon Cloud Drive is a cloud application which allows photos and videos storage. |
| amazon | This protocol plug-in classifies the generic web traffic related to Amazon services. |
| amazon_mp3 | Amazon MP3 is an online music store owned and operated by Amazon.com. |
| amazon_video | Amazon Video is an online video on demand service owned and operated by Amazon.com. |
| amazon_aws | Amazon AWS is a cloud-computing platform offered by Amazon. It includes Amazon Elastic Compute Cloud (EC2) and Amazon Simple Storage Service (S3). |
| android_cnxmgr | Android connectivity manager is used by an android device to periodically check and manage internet connection. |
| aol | This protocol plug-in classifies the traffic related to the AOL portal. |
| aim | AIM (originally AOL Instant Messenger) is an instant messaging application. The protocol name is OSCAR (Open System for CommunicAtion in Realtime) and is used in both ICQ and AIM services. [ aim is also known as oscar.] Note: In Basic-DPI, Partial classification over http. |
| apple_airplay | Apple airplay is a protocol for display picture and video to a connected TV from a device connected to the same private network |
| apple_airport | Apple Airport is a protocol that helps to configure a wireless device. |
| apple_airprint | Apple Airprint is a network printing feature for Apple systems. It's based on the Dns Service Discovery protocol and IPP(needs URF format support). Note: In Basic-DPI, partial classification over http/ipp. |
| appstore | The Apple App Store is a digital application distribution platform for iOS developed and maintained by Apple Inc. |
| facetime | FaceTime is an Apple video calling software which runs on iOS based mobile devices. Note: In Basic-DPI, Partial classification of SIP audio call sessions. |
| apple | This protocol plug-in classifies the generic traffic related to Apple's web portal and content delivery services. |
| apple_hls | Apple implementation of the HTTP Live Streaming IETF draft. Used on Apple iOS devices. |
| apple_location | Apple Location is used to provide information about the location of an Apple device. |
| apple_maps | Apple Maps is a proprietary map application for iOS 6 devices. |
| apple_music | Apple Music is an on-demand music streaming service by Apple. |
| apns | Apple Push Notification Service is an Apple service which forwards notifications from the servers of third-party applications to iOS devices. |
| apple_siri | Advanced voice recognition system used on some Apple iPhone devices. |
| apple_update | Apple_update is the protocol used for Apple software updates. |
| asproxy | ASProxy is a free and open-source web proxy that allows the user to surf the internet anonymously. This plug-in classifies the usage of this proxy for web browsing as a fallback to other recognized applications/protocols. |
| atlassian | Atlassian is an Australian enterprise software company that develops products geared towards software developers and project managers. |
| bits | Background Intelligent Transfer Service (BITS) transfers files (downloads or uploads) between a client and server and provides progress information related to the transfers. |
| baidu_player | BaiduPlayer is a video player that can play local, online, and OnDemand videos. |
| baidu_wallet | Baidu Wallet is a money management application. |
| baidu | Baidu is a Chinese search engine for websites, audio files, and images. Note: In Basic-DPI, Partial classification of image and video searches. |
| bet365 | ONline betting site ( http://www.bet365.com ) |
| bitcoin | Bitcoin is a distributed payment system. |
| bittorrent | BitTorrent is a peer-to-peer protocol. [ bittorrent is also known as kadmelia.] Note: In Basic-DPI, Partial classification on certain file-download sessions using encryption. |
| bittorrent_application | BitTorrent Apps web access from the BitTorrent application. |
| bleep | Bleep is a fully encrypted and distributed instant messaging protocol created by the BitTorrent team. This protocol plug-in supports both text and voice discussions. |
| blackberry_locate | This protocol refers to all Blackberry mobile device communications about localization over wifi. |
| bbm | BBM is the messenger/voip/Video protocol for blackberry. This plug-in classifies the audio and video data flows of BlackBerry Messenger. |
| bbm_audio | bbm_audio is the voip layer of the blackberry's messenger. Note: In Basic-DPI, Partial classification over stun/bbm. |
| bbm_video | BBM_video is the video layer of the blackberry's messenger. Note: In Basic-DPI, Partial classification over stun. |
| blackberry | This protocol refers to all Blackberry mobile device communications over wifi. This includes the chat flows of BlackBerry Messenger. |
| bgp | Border Gateway Protocol (BGP) is an inter Autonomous Systems routing protocol used by most ISPs. |
| carbonite | Carbonite is a service that manages online backups. |
| ccproxy | CCProxy is a windows based software proxy. |
| chat_on | ChatON is a global mobile communication service introduced by Samsung Electronics. |
| chatroulette | Chatroulette is an online chat website. ( http://chatroulette.com ) |
| chrome_update | Chrome Update is the protocol for the updates of the Google chrome browser. |
| cdp | Cisco Discovery Protocol (CDP) is a layer 2 protocol used by Cisco network equipment to discover other Cisco network equipment present on a link. |
| meetingplace | MeetingPlace is a protocol used by the Cisco Unified MeetingPlace suite of voice, web, and video conferencing products. |
| netflow | NetFlow is a Cisco protocol that provides nearly real-time traffic monitoring, aggregation and statistic evaluation, multi-criteria data flow selection, using source/destination IP addresses, protocols, etc. |
| cups | The Common Unix Printer System (CUPS) protocol is a cross-platform printing solution for UNIX environments. It is based on the "Internet Printing Protocol" and it is compatible with Microsoft operating systems Windows 2000 and later. |
| crackle | crackle is an entertainment network and studio that distributes free movies, television shows, and original programming. |
| craigslist | Online classified ads mostly used in the US and Canada |
| dsi | The Data Stream Interface (DSI) is a session layer that carries Apple Filing Protocol traffic over Transmission Control Protocol (TCP). |
| db2 | DB2 is a relational model database server from IBM. It runs on IBM mainframes and is also available for Linux/Unix/Windows. |
| debian_update | Update protocol of APT, the Debian/Ubuntu packet manager. |
| dropbox | Dropbox is a free service that provides both web and smart application interfaces. |
| dropbox_download | Dropbox's file download service. |
| dropbox_upload | Dropbox's file upload service. |
| ebay | Online auction and shopping website. |
| edonkey | Edonkey is a peer-to-peer protocol. Classification is not guaranteed when the protocol obfuscation feature is enabled (feature appeared in eMule version 0.47b). [ edonkey is also known as kadmelia and emule.] |
| evernote | Web-based notes tool. |
| everquest | Everquest is a 3D multiplayer online role-playing game (MMORPG) for Windows platforms. |
| facebook | Facebook is a social network. |
| facebook_messenger | Facebook Messenger is a text and voice messaging application for mobile devices. |
| farmville | FarmVille is a farming simulation social network game developed by Zynga. |
| find_my_iphone | Application developed by Apple to find a lost iOS device. |
| firefox_update | Mozilla Firefox update protocol for the browser and its plugins. This only applies to updates made from the browser. This does not apply to manually downloaded updates. |
| flickr | Image hosting and sharing website with social and blogging services. |
| gre | The Generic Routing Encapsulation protocol (GRE) is used to generically encapsulate one protocol into another protocol. |
| github | Web-based code repository for open source software development. |
| gmail_basic | Gmail basic is the HTML version of the Google Webmail service. Encrypted traffic is classified as Gmail. |
| gmail_drive | GMAIL Drive is a Shell Namespace Extension that creates a virtual file system around a Google Mail account, allowing Gmail as a storage medium. GMAIL Drive is only classified over http and not over https. |
| gmail_mobile | Google webmail for mobile phones. This protocol decodes only the non-ciphered version. |
| gnunet | Framework for secure peer-to-peer networking mainly used for anonymous file sharing. It is part of the GNU project. |
| gnutella | Gnutella is a peer-to-peer protocol. [ gnutella is also known as kadmelia.] Note: In Basic-DPI, Partial classification during file download on Android. |
| google_accounts | Detects SSL access to the Google Accounts server. |
| google_analytics | Google Analytics is the enterprise-class web analytics solution that gives you rich insights into your website traffic and marketing effectiveness. |
| google_appengine | Google App Engine is a platform as a service (PaaS) cloud computing platform for developing and hosting web applications in Google-managed data centers. |
| google_cache | Google Cache saves a copy of the webpages found by the Google search engine. |
| google_calendar | Google Calendar is a free online calendar. |
| gmail_chat | Google chat is an online messaging tool. |
| gcm | Data exchange service between third-party server applications and Android client applications. This plug-in classifies the messages exchanged between the CCS 3rd party server and the GCM cloud servers, as well as the messages exchanged between the GCM cloud servers and the client Android device. |
| gcs | Online file storage web service for applications by Google. This plug-in classifies unsecured Client-to-Google servers web communications only. |
| google_docs | On-line file storage and sharing web-service. Most of the traffic is encrypted with generic Google certificates, and cannot be classified. Classification is correct for traffic under a proxy and some limited workflows. [ google_docs is also known as google_drive.] |
| google_earth | Google Earth is a program used to view a virtual Earth in 3D. |
| google_gen | This protocol is a generic layer used as a base for all the Google protocols. Note: In Basic-DPI, Partial classification over http. |
| google_groups | Google groups |
| gstatic | GStatic is a download server providing static resources (like CSS) or scripts for Google web applications. |
| gtalk | Google Hangouts is an instant messaging service available on desktop and mobile devices. The former Google Talk version uses XMPP, and provides both text and voice communication. This plug-in also classifies RTP Audio/Video streams of Google Hangouts using DNS Caching. [ gtalk is also known as google_hangouts.] |
| gmail | Gmail is the Google Webmail service. In Basic-DPI, gmail is sometimes classified as gmail_chat. |
| google_maps | A web service that lets users calculate routes and look at maps. The encrypted traffic is classified as google. |
| google_picasa | Google Picasa is a digital photo and video organizer used to edit and synchronize pictures or videos over the web. |
| google_play_music | Google Play Music is a music streaming service and online music locker. |
| google_play | Google Play Store (formerly Android Market) is an online software store developed by Google for Android OS devices. |
| google_plus | Google Plus is a social network. It is classified when sharing from an external link. Other traffic is classified as google or google_cache. |
| google_safebrowsing | Google Safe Browsing is a web-service and API for checking web pages against threats. This signature detects a Google Safebrowse Submission. |
| google_tags | Google Tag Manager is a tag manager for website and mobile applications. |
| google_toolbar | The Google Toolbar is an extension for Internet Explorer and Mozilla Firefox that provides features that include a search box, a pop-up blocker, and a translator. |
| google_translate | Google Translate is the Google translation tool. |
| google | This protocol is used for sending user queries to the Google search engine. |
| gotodevice | GoToDevice is a remote control and administration tool. |
| gotomeeting | GoToMeeting is an online meeting service developed by Citrix. In Basic-DPI, Partial classification over https. |
| gotomypc | Citrix GoToMyPC is a secured web-based remote access solution that lets a user take control of a PC/MAC from a web browser. |
| gtp | The GPRS Tunneling Protocol (GTP) is used to create a tunnel between the SGSN and GGSNs of a mobile operator network, thus allowing mobile station data to be transmitted. |
| gtpv2 | The GPRS Tunneling Protocol (GTP) version 2 is used in G4 mobile networks (LTE). It exchanges control messages between the MME, the SGW, and the PGW. |
| halflife | Half-Life and Half-Life 2 are first-person shooter video games developed by Valve Corporation. |
| hi5 | Hi5 is a social networking website. |
| high_entropy | High Entropy is a virtual protocol that detects potentially encrypted payloads for unknown sessions over tcp and udp. The classification of this layer is effective since the 4.18.0 version of the ixEngine framework. The classification is based on two methods: entropy value computation and printable strings detection. |
| hsrp | The Cisco Hot Standby Router Protocol (HSRP) lets you manage router redundancy in a network. |
| jetdirect | The Jetdirect protocol is used by HP network printers. |
| hulu | Hulu is a free Video-On-Demand and video sharing service. |
| http2 | HTTP/2 is the second major version of the HTTP network protocol used by the World Wide Web. |
| i2p | I2P (Invisible Internet Project) is an anonymous overlay network - a network within a network. It is intended to protect communication from dragnet surveillance and monitoring by third parties such as ISPs. |
| informix | Informix is a family of relational database management systems. It runs on IBM mainframes and is also available for Linux/Unix/Windows. |
| lotus_sametime | IBM Lotus Sametime is a client-server application and middleware platform that provides real-time, unified communications, and collaboration for enterprises. |
| lotus_live | Lotus live, now IBM SmartCloud, is a web-based collaborative suite of applications for enterprise, including mail, file transfer, meetings, and forms. |
| mq | Mq (IBM Websphere MQ) is an inter-application communication protocol. |
| icloud | iCloud is a cloud computing service developed by Apple Inc. that lets users store and share data. |
| iheartradio | iHeartRadio is an Internet radio service owned by iHeartMedia. |
| imessage_file_download | Apple Web Service that retrieves video messages sent between two iOS devices via the iMessage application. This signature only classifies video downloaded from the message receiver device. The video upload from the sender is classified as apns (Apple Push Notification) |
| imgur | A free online image hosting service. |
| ica | ICA (Independent Computing Architecture) is a communication protocol and property of the Citrix Company. In Basic-DPI, Partial classification over http. |
| instagram | Instagram is an online mobile photo-sharing and social networking service. |
| igmp | The Internet Group Management Protocol (IGMP) lets IP hosts report their multicast group membership to routers. |
| ipp | Internet Printing Protocol (IPP) is a standard for remote printing using Internet tools and technologies. |
| isakmp | The Internet Security Association and Key Management Protocol (ISAKMP) defines procedures and packet formats to establish, negotiate, modify, and delete Security Associations (SA). |
| iscsi | Internet Small Computer Systems Interface (iSCSI) as described in RFC3720. |
| ios_ota_update | iOS OTA Update is the protocol used for iOS updates Over The Air. |
| ipcomp | The ipcomp protocol (IP Payload Compression Protocol) is found over the IP layer (IANA protocol number: 108). |
| ip_in_ip | The ip_in_ip protocol (IP_within_IP Encapsulation Protocol) is found over the IP layer (IANA protocol number: 94). |
| ipsec | IPSec protocol provides services for securing hosts communications. IPsec provides two security services: Authentication Header (AH), which allows authentication of the sender, and Encapsulating Security Payload (ESP), which allows both authentication of the sender and encryption of data. |
| irc_transfer | This protocol transportsa data in IRC file transfer. |
| itunes | iTunes is an Apple proprietary digital media player application used for playing and organizing digital music and video files. |
| jabber_transfer | Jabber transfer is an open standard to transfer file between two Jabber clients. |
| java_update | Java Update is the protocol for update to the Java Virtual Machine (JVM). |
| jedi | JEDI is the name of the CITRIX streaming connection protocol. Note: In Basic-DPI, Partial classification over https. |
| kazaa | KaZaA is a peer-to-peer protocol. [ kazaa is also known as fasttrack.] |
| kik | KIK Messenger is a Chinese Instant Messaging service. |
| king | King is a mobile game editor. This plug-in handles King games content delivery traffic and King.com website access. |
| linkedin | LinkedIn is professional social network. |
| livemail_mobile | Livemail_mobile, now named Outlook, is the webmail for mobile phones. Encrypted traffic is classified as windowslive or live_hotmail. |
| mogulus | This protocol plug-in classifies the http traffic to the hosts livestream.com and a749.g.akamai.net. It also classifies the ssl traffic to the Common Name livestream.com. |
| logmein_rescue | Remote PC assistance software, accessible from a web browser using a proprietary plug-in. |
| magicjack | MagicJack is a VoIP service for home and business use, available as a mobile application and also with a proprietary device (magicJack PLUS). |
| mailru_agent | Mail.ru Agent is a cross-platform mobile messaging application that supports text, audio, and video. It is featured by Mail.ru. |
| maktoob | Maktoob is a webmail protocol. |
| mgcp | MGCP protocol is a signaling protocol for voice IP applications. |
| msrp | Message Session Relay Protocol (MSRP) is a protocol for transmitting instant messages, defined by RFC 4975. |
| activesync | Microsoft ActiveSync is a mobile data synchronization technology and protocol developed by Microsoft. |
| lync | Microsoft Lync IM, VoIP and desktop sharing services (Lync Server and Lync Online are supported). |
| lync_online | On-line version of the Microsoft Lync IM and VoIP services (included in Office 365). |
| office365 | Office 365 is a Microsoft on-line service which gives access to Office applications from the internet. |
| msrpc | Microsoft Remote Procedure Call (MSRPC) is the Microsoft implementation of the DCE RPC mechanism. |
| svcctl | This protocol is used to control remotely Windows services. Also known as MS-SCMR (Service Control Manager Remote Protocol). For further information, see https://msdn.microsoft.com/en-us/library/cc245832.aspx. |
| sharepoint | SharePoint is a web application platform designed as a centralized replacement for multiple web applications such as content management and document management systems. |
| sharepoint_admin | SharePoint is a web application platform designed as a centralized replacement for multiple web applications, like content management and document management systems. This plug-in classifies the administration back-end of SharePoint. Note: In Basic-DPI, Partial classification over http/sharepoint. |
| sharepoint_blog | SharePoint is a web application platform designed as a centralized replacement for multiple web applications such as content management and document management systems. This plug-in classifies the blog management module of SharePoint. |
| sharepoint_calendar | SharePoint is a web application platform designed as a centralized replacement for multiple web applications such as content management and document management systems. This plug-in classifies the calendar management module of SharePoint. |
| sharepoint_document | SharePoint is a web application platform designed as a centralized replacement for multiple web applications such as content management and document management systems. This plug-in classifies the document management module of SharePoint. Note: In Basic-DPI, Partial classification over http/sharepoint. |
| mpls_in_ip | The mpls_in_ip protocol (Multi Protocol Label Switching data-carrying mechanism) is found over the IP layer (IANA protocol number: 137). |
| nrdp | Nagios Remote Data Processor (NDRP) is a flexible data transport mechanism and processor for Nagios. |
| nrpe | Nagios Remote Plugin Executor (NRPE) is a Nagios agent that allows remote system monitoring using scripts that are hosted on the remote systems. |
| nspi | Name Service Provider Interface is a protocol used by Exchange. |
| netflix | Netflix is a site using Silverlight protocol to stream videos. Note: In Basic-DPI, Netflix is sometimes classified as http. |
| netmeeting_ils | Netmeeting ILS is the protocol used between Netmeeting and Internet Locator Servers (ILS). Netmeeting is a VoIP and multi-point videoconferencing client included in many versions of Microsoft Windows. An Internet Locator Server (ILS) is a directory used to find other users and facilitate rendezvous. |
| ntp | Network Time Protocol (NTP) is a time-synchronization system for computer clocks through the Internet network. |
| wfc | Wi-Fi Connection (WFC) is the Nintendo on-line gaming service for the Wii and DS video game systems. |
| sonmp | Nortel/SynOptics Network Management Protocol is a proprietary Nortel Networks management protocol. |
| okcupid | OkCupid is an online dating website. This plug-in both classifies browsing and file upload workflows. |
| ocsp | This network protocol is used for validating certificates. |
| oovoo | oovoo is an instant messenger application, with audio/video support. |
| ospf | OSPF (Open Short Path First) is a link state routing protocol used within large autonomous system networks. |
| opera_update | Opera Update is the protocol used for the update of the Opera browser. Note: In Basic-DPI, Partial classification over https. |
| orkut | Orkut is a social networking website competing with Facebook or Twitter, popular in Brazil and now owned and operated by Google Inc. |
| outlook | On-line Microsoft Outlook encrypted service, from the Office 365 productivity suite. |
| owa | Outlook Web App is used to access e-mail (including support for S/MIME), calendars, contacts, tasks, documents (used with SharePoint or in 2010 Office Web Apps), and other mailbox content when access to the Microsoft Outlook desktop application is unavailable. Note: In Basic-DPI, Partial classification over http. |
| paltalk | Paltalk is an instant messaging protocol. |
| paltalk_audio | Proprietary protocol used by Paltalk in audio chats. |
| paltalk_transfer | Paltalk is an instant messaging protocol |
| paltalk_video | Proprietary protocol used by Paltalk in video. |
| pandora | Pandora is a customizable music streaming service in the United States. |
| pastebin | A pastebin is a type of web application where anyone can store plain text. They are most commonly used to share short source code snippets for code review via Internet Relay Chat. |
| pastebin_posting | Pastebin_posting is used to classify posting workflow of the pastebin.com website |
| pcanywhere | PCAnywhere is a remote control solution. It can manage both Windows and Linux systems. Enhanced video performance and built-in AES 256-bit encryption help make communications fast and secure. PCAnywhere also features powerful file-transfer capabilities. |
| photobucket | Photo sharing web-service, with advanced editing features, available for desktop and mobile devices. |
| pinterest | On-line service that allows users to attach personal elements on an internet pinboard. |
| psn | PlayStation Network (PSN) is the on-line gaming service for consoles made by Sony. |
| plentyoffish | Free online dating site that is popular primarily in Canada, the UK, Australia, and the United States. This plug-in classifies both browsing and file upload workflows. |
| qik_video | QIK is a PC/smartphone application allowing live and VOD streaming from the web. The video chat additional feature is not supported yet. |
| qq | QQ is the most popular free instant messaging computer program in China. Note: In Basic-DPI, Partial classification over https. |
| qq_transfer | File transfer over QQ |
| qq_games | Tencent game portal providing game reviews, forum, news. |
| qq_mail | Tencent Webmail. |
| qq_weibo | QQ WeiBo is a Chinese Twitter-like micro-blogging website. It is part of Tencent's QQ. |
| qq_web | QQ.com is a multi-service Chinese web portal hosted by Tencent. Wechat traffic could appears on QQ Web |
| qqdownload | QQDownload is a Chinese download manager. Its purpose is to download files quickly using HTTP or the BitTorrent protocol. |
| qqlive | QQLive is an application intended to watch TV in Peer-to-Peer mode. |
| qqmusic | QQMusic is a Chinese peer-to-peer file sharing software for downloading and streaming audio files. |
| qqstream | QQStream is a Chinese peer-to-peer file sharing software. QQstream is a meta protocol which contains data stream of QQLive and QQMusic. |
| quake | Quake is a protocol allowing communication between Quake Clients and Quake servers. |
| quic | QUIC is an open networking protocol developed primarily at Google for transporting web content. |
| qvod | QVOD is a peer-to-peer based Video-On-Demand player. |
| rapidshare | RapidShare is an online solution to store, send and share files |
| rtsp | The Real Time Streaming Protocol (RTSP) is an application-level protocol for control over the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of real-time data such as audio and video. |
| rdp | A key component of Terminal Server is the Remote Desktop Protocol, it allows a thin client to communicate with the Terminal Server over the network. This protocol is based on International Telecommunications Union's (ITU) T.120 protocol, an international, standard multichannel conferencing protocol currently used in the Microsoft NetMeeting conferencing software product. It is tuned for high-bandwidth enterprise environments and will also support encrypted sessions. |
| rpc | RPC (Remote Procedure Call) is a paradigm for implementing the client-server model of distributed computing. A request is sent to a remote system to execute a designated procedure using arguments supplied and the result is returned to the caller. |
| retroshare | Retroshare is a communication and file-sharing Open Source platform that is secured and decentralized. |
| rip1 | RIP1 (Routing Information Protocol Version 1) is a Distance Vector routing protocol used in Inter Autonomous Systems. |
| rip2 | RIP2 (Routing Information Protocol Version 2) is an enhancement of the Version 1 of the protocol. The main differences are the use of multicast instead of broadcast, and the support of variable length subnet mask networks, since subnets are now sent inside the updates. |
| ripng1 | RIPng (RIP New Generation) is intended to allow routers to exchange information for computing routes through an IPv6-based network. RIPng is a distance vector protocol. RIPng should be implemented only in routers since IPv6 provides other mechanisms for router discovery. |
| rovio | Rovio is a mobile game editor. This plug-in handles Rovio games content delivery traffic and Rovio website access. |
| rss | RSS is a family of web feed formats used to publish frequently updated works in a standardized format. Note: In Basic-DPI, Partial classification over http. |
| salesforce | Salesforce is an on-line customer relationship management web product. |
| sap | SAP is both a protocol and the name of an ERP application used by most companies. |
| secondlife | Secondlife is is an Internet-based virtual world which lets users interact with each other through motional avatars. |
| ssh | Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface and a protocol for obtaining secure access to a remote computer. Note: In Basic-DPI, Partial classification over http. |
| stun | STUN (Session Traversal Utilities for NAT) allows a client behind a NAT to establish UDP tunnels between two hosts. |
| sharepoint_online | On-line version of the Microsoft Sharepoint services (included in Office 365). |
| silverlight | Silverlight is a Microsoft web browser plugin designed to render programable animations and to stream videos. It is similar to Adobe Flash: animated vector graphics, H264 video streaming. This plug-in classifies the Silverlight applications download over HTTP, and the HTTP video streaming from these applications (known as Microsoft Smooth Streaming). |
| soap | SOAP is a lightweight protocol based on XML, for exchanging structured information in a decentralized, distributed environment. Note: this protocol can be found in HTTP requests, but it won't be classified if some known web application or service was classified instead. Note: In Basic-DPI, Partial classification over http. |
| sccp | Skinny Client Control Protocol (SCCP) is a Cisco proprietary protocol used between Cisco Call Manager and Cisco VOIP phones. It is also supported by some other vendors. |
| slacker | Slacker Radio is an online music streaming service available from web browser and mobile application. |
| slingbox | Slingbox is a streaming protocol over the Internet used to watch and control TV shows received from your home devices. |
| snapchat | Snapchat is a photo/video sharing service. |
| socks5 | Socks 5 is an authentication protocol. |
| somud | SoMud is a BitTorrent client. This signature classifies BitTorrent tracker streams over http specific to the SoMud client. Data streams will be classified as bittorrent only. |
| soundcloud | SoundCloud is an online audio distribution platform where users can upload, promote and share their sounds with others. |
| sourceforge | Sourceforge is a web-based code repository for open source software development. |
| spdy | SPDY is an open networking protocol developed primarily at Google for transporting web content. Note: In Basic-DPI, Partial classification over https. |
| spotify | Spotify is an application of musical streaming. Note: In Basic-DPI, Partial classification over http. |
| squirrelmail | SquirrelMail is a web-based email application written in the PHP scripting language. |
| steam | Steam is a digital distribution, digital rights management, multiplayer and communications platform developed by Valve Corporation. |
| norton_update | Virus definitions and engine updates for the Symantec Norton anti-virus. |
| syslog | Syslog protocol is used for the transmission of event notification messages across networks between a client and a server. |
| sna | SNA (Systems Network Architecture) is IBM's mainframe network standards. |
| teamspeak | The proprietary TeamSpeak2 protocol is used by gamers and oriented TeamSpeak2 VoIP software. |
| teamspeak_v3 | TeamSpeak 3 continues the legacy of the original TeamSpeak communication system. TeamSpeak 3 is not merely an extension of its predecessors but rather a complete rewrite in C++ of its proprietary protocol and core technology. |
| teamviewer | TeamViewer is an application that enables a connection to a remote computer in order to perform maintenance operations. It is also possible to show the current display to a remote computer, to transfer files, and to create a VPN tunnel. |
| telnet | Telnet provides a fairly general, bi-directional, eight-bit byte oriented communications facility. Its primary aim is to provide a standard method of interfacing between terminal devices and terminal-oriented processes. |
| teredo | The Teredo protocol enables IPv6 tunnelling over UDP, traversing NATs, and with minimum over-head. |
| tacacs_plus | TACACS+ (Terminal Access Controller Access-Control System Plus) is a Cisco Systems proprietary protocol which provides access control for routers, network access servers and other networked computing devices via one or more centralized servers. |
| tibcordv | This protocol is used in the bank sector. |
| tor2web | Tor2web is a project intended to give Internet users access to Tor Onion Services without the need to use Tor Browser. |
| tumblr | Tumblr is a social networking and microblogging platform allowing users to publish blog posts and multimedia content. |
| twitch | Twitch.tv is a live video streaming service focused on video games. |
| twitpic | Photo sharing web service dedicated to Twitter. This service enable users to share photos with their Twitter followers on web browser and mobile devices. |
| twitter | Online microblogging service that enables its users to read and send short text-based messages. |
| ustream | Ustream is a live video broadcasting webservice available on PC and mobile platforms. |
| utorrent | uTorrent is a closed source BitTorrent client. This plugin classifies the traffic to the software company. The generated traffic by this software is classified as bittorrent. |
| utp | BitTorrent transport layer. |
| uusee | Uusee is a peer-to-peer TV software, using the BitTorrent peer-to-peer technology. It uses the network coding technology. Note: In Basic-DPI, Partial classification over http. |
| vevo | VEVO is a music video streaming platform sponsored by Google, Universal Music Group, and Sony Music Entertainment. |
| viber | Viber is a free embedded voice over-ip application for smartphones. |
| vimeo | Vimeo is a high definition video streaming platform, to be accessed from a web browser or mobile applications. |
| vine | Vine is a short-form video sharing service. |
| vrrp | Virtual Router Redundancy Protocol (VRRP) is a protocol designed to eliminate the single point of failure inherent in the static default routed environment. VRRP specifies an election protocol that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. |
| vmware | VMWare is a protocol used by the VMWare application, allowing it to have network interfaces and remote access to a virtual machine. |
| vmware_horizon_view | Vmware Horizon View is a commercial desktop-virtualization product developed by VMware. This plugin classifies pcoip streams over UDP between virtual machines and Mac/Windows clients |
| waze | Waze is a community-based mapping, traffic, and navigation app. |
| webex | WebEx is an online meeting, videoconferencing, and collaborative application |
| whatsapp | WhatsApp Messenger is a cross-platform, instant, mobile messaging application that lets users exchange messages without having to pay for SMS. WhatsApp Messenger is available for iPhone, BlackBerry, Android, and Nokia. |
| whois | WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block, or an autonomous system, and a wider range of other information. |
| wiiconnect24 | WiiConnect24 is an asynchronous communication protocol implemented on the Nintendo Wii gaming system. It is used by some information channels and services embedded in the console, and by some games. |
| wikipedia | Wikipedia is the biggest multilingual free-content encyclopedia on the Internet. |
| windows_azure | This protocol plug-in classifies the ssl traffic to the Common Name msecnd.net. |
| wins | WINS (Windows Internet Naming Service) is Microsoft's implementation of NetBIOS Name Service (NBNS), which is a name server and service for NetBIOS computer names. This plug-in classifies replication flows between servers. Client-to-Server flows are handled by the nbns plug-in. |
| live_storage | Windows Live File Storage is a Microsoft web service designed to be used by other Microsoft web services that may need storage, for example MSN and Skydrive. |
| live_groups | Windows Live Groups is an online service by Microsoft that lets users create their social groups for sharing, discussion, and coordination. |
| live_hotmail | Windows Live Hotmail is a free webmail service operated by Microsoft. The service is now named Outlook. |
| livemail_attach | Detection of the Windows Live Mail File attachment uploads. |
| skydrive | This protocol plug-in classifies the ssl traffic to the Common Names live.com.nsatc.net, Skydrive, skydrive.wns.windows.com, skydrivesync.policies.live.net, gateway.edge.messenger.live.com, skyapi.live.net, skydrive.live.com, onedrive.live.com, and storage.live.com. |
| skydrive_login | On-line file storage service owned by Microsoft. |
| windows_marketplace | Windows Marketplace is a service by Microsoft for its Windows Phone 7/8 and Microsoft Windows 8 platforms that allows users to browse and download applications developed by third-parties. The website for Microsoft Store retail stores is also classified. |
| windows_update | Windows_update is the protocol used for windows system updates. |
| wordpress | WordPress is a popular blogging system. This plug-in classifies the usage of Wordpress.com blog hosting online service. |
| wow | WOW is an online role-playing game. |
| xboxlive | Online multiplayer gaming and digital media delivery service created and operated by Microsoft Corporation. |
| xboxlive_marketplace | Xbox Live Marketplace is a service where users can purchase and download games and multimedia. |
| xbox_music | Xbox Music is an online service for music. |
| xbox_video | Microsoft Movies and TV is an online service to watch movies, tv shows, and series. |
| xhamster | p*rnographic videos streaming platform. |
| yahoo_groups | Yahoo! Groups offers free mailing lists, photo and file sharing, group calendars, and more. |
| ymail_classic | Yahoo! Mail Classic was the original interface for Yahoo! Mail. |
| ymail2 | This protocol is the ajax-based version of Webmail Yahoo. Note: In Basic-DPI, Partial classification over http. |
| ymsg | Yahoo Messenger is used by the Yahoo Instant Messenger application to send instant messages, files, and emails between users. |
| ymsg_conf | Please note that since version 11.5.0, voice calls are not supported, therefore rtp inheritance is deprecated. |
| ymsg_transfer | This protocol is used for file tranfers over ymsg. |
| ymsg_video | (versions prior to 10.0.0.270) This protocol is used by Yahoo Messenger for video conversations. |
| yahoo_search | This protocol is used to send queries to the Yahoo search engine. |
| ymail_mobile_new | Yahoo Mail Mobile_new is the new yahoo.com webmail adapted to mobiles. |
| ymsg_webmessenger | Yahoo webmessenger. |
| yahoo | Yahoo is a pseudo-protocol which classifies generic web services related to Yahoo. Note: In Basic-DPI, Partial classification over http. |
| ypbind | The ypbind utility is the process that maintains NIS binding information. At startup, it searches for an NIS server responsible for serving the system's default domain (as set by the domainname(1) command) using net-work broadcasts |
| yppasswd | The Yellow Page Password protocol enables the modification of logins and passwords in Network Interface System cards. |
| ypserv | Yellow Pages Server is a protocol used to distribute NIS databases to client systems within an NIS domain. |
| youtube | Youtube is a website where users send or watch videos. |
