4.17.3. MSRPC network traffic analysis in Firewalls

To properly implement a network security policy in Windows environments, it might be desirable to use firewalls that support MSRPC.

Depending on the completeness of the implementation, MSRPC support in a firewall might include the following features:

With Windows Server 2003 SP1, a modification to the MSRPC implementation was introduced. As a consequence, firewalls implementing sanity checks on MSRPC traffic started to block traffic originating from these systems because the software did not consider the traffic as valid. Software updates are available from the different vendors to fix the problem.