2.2.4. Traffic analysis with proxies

The traffic in a connection usually consists of two parts:

  • control information (for example, headers and metainformation)

  • data (the payload)

The protocol proxies of PNS analyze and filter the control part of the traffic, but — in most cases — ignore the payload. (The antivirus and spam-filtering modules of CF inspect the payload.) PNS proxies can thoroughly inspect the protocol headers to ensure compliance to the protocol, disable the use of prohibited options, and so on. PNS can handle commonly used protocols, including:

  • FTP/FTPS

  • HTTP/HTTPS

  • IMAP/IMAPS

  • POP3/POP3S

  • SIP

  • SMTP/SMTPS

  • SQLNet

  • SSH

  • SSL/TLS

  • Telnet

  • VNC

Every protocol proxy can handle the SSL/TLS encrypted version of the protocol, and inspect the embedded traffic, giving control over HTTPS, SMTPS, and other connections.

For more information on supported protocols and for a complete list of proxies, see Proxedo Network Security Suite 2 Reference Guide.