The MS RPC (Microsoft-Remote Procedure Call) service is a mechanism for running processes on a remote computer. The security device compares actual MS RPC traffic with maximum settings of what you consider to be normal MS RPC traffic. Any traffic exceeding such settings is considered anomalous.
To modify one or more of the following settings for AIM, enter a new value in the Current column for the parameter you want to adjust, and then click Apply:
Maximum Fragment Length in MS RPC Messages: Specifies the maximum length, in bytes, of an MS RPC fragment. Minimum: 4096; maximum: 65,535; default: 8192.
Maximum Tower Data Length in Endpoint Mapper Messages: Specifies the maximum number of bytes in a protocol tower representation in an MS RPC EPM message. A protocol tower consists of an interface identifier and binding information between a client and server that permits the client to make a remote procedure call to the server. Minimum: 8192; maximum: 268,435,456; default: 8192.
Maximum Endpoint Mapper (EPM) Message Length: Specifies the maximum number of entries in an MS RPC endpoint mapper (EPM) message. Minimum: 100; maximum: 8192; default: 100.