Services

A Service object is a reference to a specific IP protocol with associated parameters. A service definition is usually based on one of the major transport protocols, such as TCP or UDP, together with specific source and/or destination port numbers. For example, the HTTP service is defined as using the TCP protocol with destination port 80 and any source port. However, service objects are not restricted to the TCP or UDP protocols. They can also cover ICMP messages as well as a user-definable IP protocol.

cOS Core includes many predefined objects like HTTP, FTP, SSH, etc.

Custom Services

If the list of predefined cOS Core service objects does not meet the requirements for certain traffic, then a new service can be created. The Type of service created can be one of the following:

  • TCP/UDP Service – A service based on the UDP or TCP protocol, or both. This object also has other important properties:
    • SYN Flood Protection
    • ALG – enables deeper inspection of certain protocols. This is the way that an ALG is associated with an IP rule: first, associate the ALG with a service, and then associate the service with an IP rule.
    • Max Sessions – An important parameter associated with a service is Max Sessions. This parameter is given a default value when the service is associated with an ALG. The default value varies according to the ALG it is associated with. If the default is, for example, 100, this would mean that only 100 connections are allowed in total for this service across all interfaces.
  • ICMP Service – A service based on the ICMP protocol.
  • IP Protocol Service – A service based on a user-defined protocol. Services that run over IP and perform application/transport layer functions can be uniquely identified by IP protocol numbers. IP can carry data for a number of different protocols. These protocols are each identified by a unique IP protocol number specified in a field of the IP header. For example, ICMP, IGMP and EGP have protocol numbers 1, 2 and 8 respectively.
  • Service Group – A service group consisting of a number of services. A Service Group is, exactly as the name suggests, a cOS Core object that consists of a collection of services. Although the group concept is simple, it can be very useful when constructing security policies, since the group can be used instead of an individual service. Groups can contain other groups.
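
The service types above can be modelled as a small matcher. This is an added example, not cOS Core code or its CLI: it shows how a packet resolves against TCP/UDP, IP protocol and nested group objects, and how Max Sessions acts as one total per service. All class and function names are assumptions made for illustration, and ICMP is modelled simply as IP protocol 1.

```python
from collections import namedtuple
from dataclasses import dataclass

TCP, UDP, ICMP = 6, 17, 1   # IANA IP protocol numbers
Packet = namedtuple("Packet", "proto sport dport", defaults=(0, 0))  # constructed

@dataclass
class TcpUdpService:
    name: str
    protos: frozenset                    # {TCP}, {UDP} or both
    dst_ports: range
    src_ports: range = range(0, 65536)   # default: any source port
    max_sessions: int = 0                # 0 = no limit (model convention)
    def matches(self, p):
        return (p.proto in self.protos and p.dport in self.dst_ports
                and p.sport in self.src_ports)

@dataclass
class IpProtoService:                    # also used for ICMP (protocol 1) here
    name: str
    proto: int
    def matches(self, p):
        return p.proto == self.proto

@dataclass
class ServiceGroup:
    name: str
    members: list                        # services and/or other groups

def leaf_services(obj, seen=None):
    # Flatten nested groups; the seen-set stops a group that contains itself.
    seen = set() if seen is None else seen
    if id(obj) in seen:
        return []
    seen.add(id(obj))
    if isinstance(obj, ServiceGroup):
        return [s for m in obj.members for s in leaf_services(m, seen)]
    return [obj]

def match(obj, packet):
    return next((s for s in leaf_services(obj) if s.matches(packet)), None)

def admit(service, open_sessions):
    # Max Sessions is one total per service, not a per-interface counter.
    used = open_sessions.get(service.name, 0)
    if getattr(service, "max_sessions", 0) and used >= service.max_sessions:
        return False
    open_sessions[service.name] = used + 1
    return True
```

Because a policy that references a group accepts every leaf service reachable through it, flattening the group this way is a quick check on what a rule actually permits.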