icon-cloud-connector.svg
Cloud & Branch Connector

About Network Services

Zscaler firewall has over 50 predefined services and an admin can configure up to 1,024 additional custom services. You can add, modify, or delete ports in all predefined services except ICMP_any, UDP_any, TCP_any, and OTHER. To learn more, see Configuring Network Services.

  • NameTCP Destination PortsUDP Destination PortsDescription
    AIM5190-AOL Instant Messenger (AIM) is an instant messaging application. The protocol name is Open System for Communication in Realtime and is used in both ICQ and AIM services.
    DHCP67-6867-68The DHCP protocol is used to automatically configure the network parameters of a station.
    DNS5353The DNS protocol is used to translate internet names (www.site.com) into IP addresses and vice versa.
    Echo77Echo Protocol is a service in the Internet Protocol suite defined in RFC 862. It was originally proposed for testing and measurement of round-trip times in IP networks.
    ESP--Encapsulating Security Payload (ESP) is a protocol within IPsec that provides data confidentiality and authentication for the payload in network packets.
    FTP21-The FTP protocol is used for reliable data transfer between a client and a server.
    FTPS_Implicit990990Implicit FTPS automatically starts an SSL/TLS connection to server as soon as the FTP client connects to an FTP server.
    Gnutella6346-63476346-6347Gnutella is a peer-to-peer protocol.
    GRE--Generic Routing Encapsulation (GRE) is a tunneling protocol that sets up direct point-to-point links by encapsulating data packets of one protocol inside the packets of another protocol.
    H.3231503, 1720, 1731, 389, 5221719H.323 is a standard approved by the International Telecommunication Union that defines how audiovisual conferencing data is transmitted across networks.
    HTTP80-HTTP is used for browsing the web.
    HTTP Proxy3128, 8080-HTTP tunneling is a technique by which communications performed using various network protocols are encapsulated using the HTTP protocol, the network protocols in question usually belonging to the TCP/IP family of protocols.
    HTTPS443-HTTPS is the secure version of HTTP.
    ICMP--ICMP is one of the main protocols of the Internet Protocol suite, which is used by network devices like routers to send error messages indicating that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages.
    Ident113-Identification Protocol (Ident Protocol) provides a means to determine the identity of a user of a specific TCP connection.
    IKE500500Internet Key Exchange (IKE) is a protocol to obtain authenticated keying material for use with Internet Security Association and Key Management Protocol for IPSec.
    IKE-NAT-4500IKE-NAT allows network address translation for Encapsulating Security Payload and Internet Security Association and Key Management Protocol packets.
    ILS1002, 389, 522, 636-Internet Locator Service (ILS) includes Lightweight Directory Access Protocol (LDAP), User Locator Service, and LDAP over SSL/TLS.
    IMAP143, 220, 993220Internet Message Access Protocol (IMAP) is a protocol used for retrieving email messages.
    IRC6660-6669-Internet Relay Chat (IRC) is an instant messaging protocol.
    Kerberos8888Kerberos is a computer network authentication protocol which works on the basis of 'tickets' to allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
    L2TP-1701Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol used by an Internet service provider to enable the operation of a virtual private network over the internet.
    LDAP389-Lightweight Directory Access Protocol (LDAP) is a protocol used for accessing directory services. Windows environments use this protocol to send queries to Active Directory.
    MGCP Call Agent-2727This network service represents the Media Gateway Control Protocol (MGCP) call agent service.
    MGCP User Agent-2427This network service represents the Media Gateway Control Protocol (MGCP) user agent service.
    MSNP1863-Microsoft Notification Protocol (MSNP) allows the exchange of instant messages. The MSN protocol is used by the Microsoft software Microsoft Messenger.
    MS_SQL1433 Protocol for the Microsoft SQL relational database management system.
    NetBIOS137, 139137-138This network service represents the Network Basic Input/Output System (NetBIOS) name/datagram/session service.
    NetMeeting1503, 1720, 1731, 389, 5221719Microsoft NetMeeting allows users to teleconference using the internet as the transmission medium.
    NFS111, 2049111, 2049The Network File System (NFS) protocol provides transparent remote access to shared file systems across networks as described in RFC 1813.
    Nmap678678Network Mapper (Nmap) is a security scanner used to discover hosts and services on a computer network, thus creating a 'map' of the network.
    NTP-123Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks.
    OpenVPN-1194OpenVPN is an open source software application that implements virtual private network techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities.
    pcAnywhere563122, 5632The pcAnywhere software is used for remote control and file transfer.
    POP3109, 110, 995-Post Office Protocol version 3 (POP3) is a protocol used for retrieving email.
    PPTP1723-Point-to-Point Tunneling Protocol (PPTP) allows the Point to Point Protocol to be tunnelled through an IP network.
    QUIC-443Quick UDP Internet Connections (QUIC) is a transport protocol for the internet, developed by Google.
    RADIUS-1812-1813Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
    RealMedia7070-RealMedia is a streaming video and audio technology.
    Rsync873873The rsync program is used for file synchronization and file transfer on Unix-like systems. This program minimizes network data transfer by using a form of delta encoding called the rsync algorithm.
    RTSP554554The Real Time Streaming Protocol (RTSP) is an application-level protocol for control over the delivery of data with real-time properties. RTSP provides an extensible framework to enable controlled, on-demand delivery of real-time data, such as audio and video.
    SCCP2000-Skinny Client Control Protocol (SCCP) is a Cisco proprietary protocol used between Cisco Unified Communications Manager and Cisco Voice over IP (VoIP) phones. It is also supported by some other vendors.
    SIP50605060Session Initiation Protocol (SIP) is the Internet Engineering Task Force's standard for multimedia conferencing over IP. Like other Voice over IP (VoIP) protocols, SIP is designed to address the functions of signaling and session management within a packet telephony network.
    SMB445-The Server Message Block Protocol (SMB/SMB2) provides a method for client applications to read and write to files and to request services from server programs in a computer network.
    SMTP25-Simple Mail Transfer Protocol (SMTP) is used for sending email messages between servers.
    SNMP161-162161-162This network service represents Simple Network Management Protocol (SNMP) applications (also called SNMP managers) and SNMP agents.
    SNMP Trap154154SNMP traps enable an agent to notify the management station of significant events by way of an unsolicited SNMP message.
    SSH22-Secure Shell (SSH), sometimes known as Secure Socket Shell, is a UNIX-based command interface and a protocol for obtaining secure access to a remote computer.
    Syslog-514Syslog protocol is used for the transmission of event notification messages across networks between a client and a server.
    TACACS4949Terminal Access Controller Access-Control System (TACACS) refers to a family of related protocols handling remote authentication and related services for network access control through a centralized server.
    TCP--TCP is one of the core protocols of the Internet Protocol suite, and is so common that the entire suite is often called TCP/IP.
    TDS1433-Tabular Data Stream (TDS) is a protocol for the Microsoft SQL relational database management system.
    Telnet23-Telnet provides a fairly general, bidirectional, 8-bit byte-oriented communications facility. Its primary aim is to provide a standard method of interfacing between terminal devices and terminal-oriented processes.
    TFTP6969Trivial File Transfer Protocol (TFTP) is a file transfer protocol notable for its simplicity.
    Traceroute-33400-34000Traceroute is a utility to indicate the path to access a specific host.
    UDP--User Datagram Protocol (UDP) is one of the core members of the Internet Protocol suite.
    VDOLive7000-7010-VDOLive is a scalable, video streaming technology.
    VNC5800, 5900-Virtual Network Computing (VNC) facilitates remote control of computers over a network by using the Remote Frame Buffer protocol.
    WHOIS43-WHOIS is a network directory service protocol.
    Yahoo Messenger5050-Yahoo Messenger is used by the Yahoo Instant Messenger application to send instant messages, files, and emails between users.
    Zscaler Proxy Network Services10099, 21, 443, 80, 8080, 8800, 9400, 9443, 9480-This network service includes all Zscaler-specific web proxy ports including customer-specific Dedicated Proxy Ports.
    Close

Network services configured in Zscaler are identified at the first packet, leading to immediate policy action. In contrast, multiple packets are typically required by deep packet inspection to identify network applications before a policy action can take place. Therefore, Zscaler recommends that you rank firewall filtering rules for network services higher than rules for network applications to prevent packets from being allowed unnecessarily from traffic that would have been otherwise blocked by rules using first-packet identification.

You can also define network service groups. To learn more, see About Network Service Groups.

Network Services provide the following benefits and enable you to:

  • Create policies based on TCP and UDP source and destination ports.
  • Update predefined network services for your purposes.
  • Use the same network services in forwarding & security policies.

About the Network Services Page

On the Network Services page (Administration > Network Services), you can do the following:

  1. Add a network service.
  2. View a list of all network services. For each service, you can view:
    • Name: The name of the application service layer you are controlling.
    • TCP Source Ports: The TCP source port number or port number range, if any, that is used by the network service.
    • TCP Destination Ports: The TCP destination port number or port number range, if any, that is used by the network service.
    • UDP Source Ports: The UDP source port number or port number range, if any, that is used by the network service.
    • UDP Destination Ports: The UDP destination port number or port number range, if any, that is used by the network service.
    • Description: For predefined services, a brief description of what the service is. For services you have added, any additional notes you included.
  3. Edit a network service.
  4. View a network service.
  5. Modify the table and its columns.
  6. Search for a network service.
  7. Filter the network services by protocol (TCP or UDP).
  8. Go to the Network Service Groups page.

Screenshot of Network Services page in the Zscaler Cloud & Branch Connector Admin Portal

Related Articles
About Source IP GroupsConfiguring Source IP GroupsAbout Destination IP GroupsConfiguring Destination IP GroupsAbout IP PoolConfiguring IP PoolAbout Network ServicesConfiguring Network ServicesAbout Network Service GroupsConfiguring Network Service Groups