Chapter 7 Firewall for FortiOS 5.0 : Network defense : Blocking external probes : Evasion techniques : Microsoft RPC evasion
  
Microsoft RPC evasion
Because of its complexity, the Microsoft Remote Procedure Call protocol suite is subject to a number of known evasion techniques, including:
SMB-level fragmentation
DCERPC-level fragmentation
DCERPC multi-part fragmentation
DCERPC UDP fragmentation
Multiple DCERPC fragments in one packet
The FortiGate unit reassembles the fragments into their original form before inspection.