To my best knowledge, it is not necessary to configure the ip nbar protocol-discovery command in order to use match protocol clauses in class-map constructs. The ip nbar protocol-discovery causes the router to start making statistical breakdowns of various protocols passing through a particular interface. However, it has been my experience that this command was not necessary for protocol-based class-maps.
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Peter is correct.
For the original poster, later versions of NBAR can also determine the subtype of later Citrix protocol packets. This will allow you to distinguish the "screen scraping" packets from printing or disk copying packets. The latter two sub types you probably don't want to include as interactive traffic. (NB: for earlier NBAR versions that don't recognize Citrix packet subtypes, I recall there was a Citrix PDLM that did, but I'm not positive.)
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...