Follow these steps to create a policy based on a specific protocol:
Keep in mind that this is not recommended for use by itself, since you would trigger incidents any time a communication over the set protocol occurs. It is, however, very useful if you want to use it as a compound policy that triggers on a keyword only used within one protocol.