WinRoute Firewall
A protocol inspector is a part of WinRoute Firewall that understands
high-level Internet languages, like HTTP or FTP. It is called an inspector
because it looks at the traffic before allowing it though.
Discussion
A brief explanation of Internet protocols
There are many different types of languages, or protocols,
that are spoken between computers on the Internet. Of these, the most basic is
the Internet Protocol (IP), which is used to get the address of
each computer and explains how to get from one address to the other.
That\'s not very much information, so there are other languages that are built
on top of the Internet Protocol, like the Transmission Control Protocol
(TCP), which is used to say that a certain set of IP messages are all part of
the same conversation, or transmission.
Even then, that only says how you communicate between two computers.
It doesn\'t say what you communicate. To say what you
communicate, many languages are built on top of TCP. The most common language is
the Hypertext Transfer Protocol (HTTP), used to communicate web
pages from a web server to a web browser.
Historical Firewalls
Older firewalls could only understand low-level Internet languages, like IP
(the Internet Protocol) or TCP (Transmission Control Protocol). As a result,
they could only filter traffic based on the limited amount of information in
those low-level languages. You could specify where traffic was allowed
to go, but not what messages were allowed through.
WinRoute Firewall and Protcol Inspectors
A protocol inspector is a part of WinRoute Firewall that understands
high-level Internet languages like FTP (File Transfer Protocol, used for
downloading files) or HTTP (Hypertext Transfer Protocol, used for looking at web
sites).
Each message in these languages is made up of many TCP or IP messages. Those
smaller messages (called packets) are collected by WinRoute
Firewall, decoded, and then given to the appropriate Protocol Inspector.
What are they good for?
Protocol Inspectors give WinRoute Firewall the ability to do many things that
older firewalls cannot do.
For example, because WinRoute Firewall can understand HTTP, it can integrate
with the Cobion OrangeFilter and filter out web sites that users access, based
on category. WinRoute Firewall can also look for forbidden words in web pages
and deny access to those pages.
WinRoute can also control what types of messages are allowed between Internet
FTP servers and your corporate network, for added security.
Finally, there are many Internet protocols that do not pass through firewalls
correctly. With protocol inspectors, WinRoute Firewall can fix them as they go
through, to make them work correctly.