2.2.5. Traffic analysis with proxies

The traffic in a connection usually consists of two parts:

  • control information (for example, headers and metainformation)

  • data (the payload)

The protocol proxies of Zorp analyze and filter the control part of the traffic, but — in most cases — ignore the payload. (The antivirus and spam-filtering modules of ZCV inspect the payload.) Zorp proxies can thoroughly inspect the protocol headers to ensure compliance to the protocol, disable the use of prohibited options, and so on. Zorp can handle commonly used protocols, including:

  • FTP/FTPS

  • HTTP/HTTPS

  • IMAP/IMAPS

  • NNTP/NNTPS

  • POP3/POP3S

  • RDP

  • SIP

  • SMTP/SMTPS

  • SQLNet

  • SSH

  • SSL/TLS

  • Telnet

  • VNC

Every protocol proxy can handle the SSL/TLS encrypted version of the protocol, and inspect the embedded traffic, giving control over HTTPS, SMTPS, and other connections.

For more information on supported protocols and for a complete list of proxies, see Zorp Professional 7 Reference Guide.

Previous Up Next
 Home