Content Vectoring Protocol

Last updated

In computer networks, Content Vectoring Protocol is a protocol for filtering data that is crossing a firewall into an external scanning device. An example of this is where all HTTP traffic is virus-scanned before being sent out to the user. [1]

This protocol is identified as part of the Checkpoint training as being one of the benefits of their products. It is not known whether this is just a re-working of another protocol that has been re-branded by Checkpoint or if this is a generic Internet protocol.

Its default is to use TCP port 18181. [2]

It is used separately by few servers implementing firewall to inspect the http content. It may or may not inspect the whole of the content, which is entirely based on the administrator managing the firewall. The administrator can direct the whole of the internet traffic to the content vectoring protocol or specific content coming from specific source to be inspected by the content vectoring protocol.

Related Research Articles

Denial-of-service attack Cyber attack disrupting service by overloading the provider of the service

In computing, a denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests in an attempt to overload systems and prevent some or all legitimate requests from being fulfilled.

Proxy server Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server.

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically reported either to an administrator or collected centrally using a security information and event management (SIEM) system. A SIEM system combines outputs from multiple sources and uses alarm filtering techniques to distinguish malicious activity from false alarms.

In computer security, a DMZ or demilitarized zone is a physical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network (LAN): an external network node can access only what is exposed in the DMZ, while the rest of the organization's network is firewalled. The DMZ functions as a small, isolated network positioned between the Internet and the private network .

This page provides an index of articles thought to be Internet or Web related topics.

SOCKS is an Internet protocol that exchanges network packets between a client and server through a proxy server. SOCKS is an abbreviation of "SOCKet Secure". SOCKS5 optionally provides authentication so only authorized users may access a server. Practically, a SOCKS server proxies TCP connections to an arbitrary IP address, and provides a means for UDP packets to be forwarded.

Deep packet inspection (DPI) or packet sniffing is a type of data processing that inspects in detail the data being sent over a computer network, and may take actions such as alerting, blocking, re-routing, or logging it accordingly. Deep packet inspection is often used to baseline application behavior, analyze network usage, troubleshoot network performance, ensure that data is in the correct format, to check for malicious code, eavesdropping, and internet censorship, among other purposes. There are multiple headers for IP packets; network equipment only needs to use the first of these for normal operation, but use of the second header is normally considered to be shallow packet inspection despite this definition.

A port scanner is an application designed to probe a server or host for open ports. Such an application may be used by administrators to verify security policies of their networks and by attackers to identify network services running on a host and exploit vulnerabilities.

The Great Firewall of China is the combination of legislative actions and technologies enforced by the People's Republic of China to regulate the Internet domestically. Its role in internet censorship in China is to block access to selected foreign websites and to slow down cross-border internet traffic. The effect includes: limiting access to foreign information sources, blocking foreign internet tools and mobile apps, and requiring foreign companies to adapt to domestic regulations.

Cisco PIX was a popular IP firewall and network address translation (NAT) appliance. It was one of the first products in this market segment.

In computer networks, a tunneling protocol is a communications protocol that allows for the movement of data from one network to another. It involves allowing private network communications to be sent across a public network through a process called encapsulation.

Norton Internet Security, developed by Symantec Corporation, was a computer program that provided malware protection and removal during a subscription period. It uses signatures and heuristics to identify viruses. Other features included in the product are a personal firewall, email spam filtering, and phishing protection. With the release of the 2015 line in summer 2014, Symantec officially retired Norton Internet Security after 14 years as the chief Norton product. It is superseded by Norton Security, a rechristened adaptation of the Norton 360 security suite.

A middlebox is a computer networking device that transforms, inspects, filters, and manipulates traffic for purposes other than packet forwarding. These extraneous functions have interfered with application performance and have been criticized for violating "important architectural principles" such as the end-to-end principle. Examples of middleboxes include firewalls, network address translators (NATs), load balancers, and deep packet inspection (DPI) boxes.

VPN-1 is a firewall and VPN product developed by Check Point Software Technologies Ltd.

Cracking a wireless network is defeating the security of a wireless local-area network. A commonly used wireless LAN is a Wi-Fi network. Wireless LANs have inherent security weaknesses from which wired networks are exempt.

A firewall is a system or group of systems that implements a set of security rules to enforce access control between two networks to protect the "inside" network from the "outside" network. It may be a hardware device or a software program running on a secure host computer. In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet.

In computing, a firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Deep content inspection (DCI) is a form of network filtering that examines an entire file or MIME object as it passes an inspection point, searching for viruses, spam, data loss, key words or other content level criteria. Deep Content Inspection is considered the evolution of Deep Packet Inspection with the ability to look at what the actual content contains instead of focusing on individual or multiple packets. Deep Content Inspection allows services to keep track of content across multiple packets so that the signatures they may be searching for can cross packet boundaries and yet they will still be found. An exhaustive form of network traffic inspection in which Internet traffic is examined across all the seven OSI ISO layers, and most importantly, the application layer.

HTTP/2 is a major revision of the HTTP network protocol used by the World Wide Web. It was derived from the earlier experimental SPDY protocol, originally developed by Google. HTTP/2 was developed by the HTTP Working Group of the Internet Engineering Task Force (IETF). HTTP/2 is the first new version of HTTP since HTTP/1.1, which was standardized in RFC 2068 in 1997. The Working Group presented HTTP/2 to the Internet Engineering Steering Group (IESG) for consideration as a Proposed Standard in December 2014, and IESG approved it to publish as Proposed Standard on February 17, 2015. The HTTP/2 specification was published as RFC 7540 on May 14, 2015.

References

  1. InfoWorld Media Group, Inc. (30 June 1997). InfoWorld. InfoWorld Media Group, Inc. pp. 54–. ISSN   0199-6649.
  2. Valerie Laveille; Sarvang Shah (20 February 2006). CCSE NG: Check Point Certified Security Expert Study Guide: Exam 156-310 (VPN-1/FireWall-1; Management II NG). John Wiley & Sons. pp. 152–. ISBN   978-0-7821-5147-3.


Crystal Clear app network.png

This computer networking article is a stub. You can help Wikipedia by expanding it.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.