In addition to the content level inspection performed by the IDS, specific content inspections should also be performed on web SERVER traffic and other application traffic. Some attacks evade detection by containing themselves in the payload of PACKETS, or by altering the packet in some way, such as FRAGMENTATION. Content level inspection at the web server or application server will protect against attacks such as those that are tunneled in LEGITIMATE communications, attacks with malicious data, and unauthorized application usage.

In addition to the content level inspection performed by the IDS, specific content inspections should also be performed on web server traffic and other application traffic. Some attacks evade detection by containing themselves in the payload of packets, or by altering the packet in some way, such as fragmentation. Content level inspection at the web server or application server will protect against attacks such as those that are tunneled in legitimate communications, attacks with malicious data, and unauthorized application usage.