Protocols (Regular Profile) : Overview : Protocols Node
  
Protocols Node
The Protocols node allows you to access the following functions of DeviceLock:
Permissions for protocols (see Managing Permissions for Protocols, Managing Offline Permissions for Protocols)
Auditing, shadowing and alerts for protocols (see Managing Audit, Shadowing and Alerts for Protocols, Managing Offline Audit, Shadowing and Alerts for Protocols)
Protocols white list (see Managing Protocols White List, Managing Offline Protocols White List)
Basic IP firewall (see Managing Basic IP Firewall, Managing Offline IP Firewall)
Content-aware rules for protocols (see Rules for Protocols, Defining Rules for Protocols, Managing Offline Content-Aware Rules for Protocols)
Security settings for protocols (see Managing Security Settings for Protocols, Managing Offline Security Settings for Protocols)
The shortcut menu on the Protocols node provides the following commands:
Undefine NetworkLock Policy - Resets all parameters specific to NetworkLock the unconfigured state.
Undefine ContentLock Policy - Resets parameters specific to ContentLock (all content-aware rules except those based on file types) to the unconfigured state.
Recommendations
After configuring protocol access permissions, a “Server timeout” error may occur when trying to connect to some secure websites. This issue is because DeviceLock encrypts SSL traffic by using its own certificate, while some web sites/applications can only work with their predefined certificate.
To resolve the issue, add a white list rule for the SSL protocol that specifies the domain names or IP addresses, and ports used by those web site/application servers (for rule configuration instructions, see Defining Protocols White List).
In the case of a web application, you must first find out its connection servers. This can be done with the TCP View tool, available at docs.microsoft.com/sysinternals/downloads/tcpview. Some applications use server pools with reserved IP ranges, making it difficult to configure white list rules. In this case, we recommend contacting the application support for a complete list of IP addresses (ranges) in use.