Content vectoring protocol (CVP) is a protocol primarily used to move data, such as Web pages or email addresses, from VPN-1/Firewall-1 to a different server for validation. CVP is used to scan content. Moving data out of a firewall into an external scanning device is filtered with the help of a content vectoring protocol. For example, open platform for security (OPSEC) compliant anti-virus scanners make use of content vectoring protocol to communicate with firewall-1.
Content vectoring protocol was first designed by a company called Check Point Software in 1996 as a protocol allowing anti-virus solutions to communicate with anti-virus servers. The first implementation of CVP was on firewall-1 version 3.0, which was later developed as an application programming interface (API) specification. It used TCP port 18181 and was generally used to inspect the HTTP content on the anti-virus servers. A typical use of CVP would be moving all inbound SMTP (simple mail transfer protocol) messages to a malicious content-scanning server, which would scan the data for any malicious Active-X code. CVP is mainly used in virus-scanning of data obtained from sources such as email messages or downloaded Internet files as they cross a firewall.
The working of CVP involves interception of a content stream by one of the security servers. Before the content reaches the end user, FireWall-1 determines that the content needs to be scanned by the CVP server. As the content is downloaded through a firewall, it is sent to a separate CVP server. The CVP server scans the content and takes one of the three actions toward the content:
Sending the content as is without incorporating any changes
Removing the virus and other offending content, then sending the corrected content
Not sending any at all
The CVP API developed by the Check Point Software provides an asynchronous interface to applications designed to check the content validation. This feature becomes extremely useful because the files are scanned for harmful viruses and other malicious content as they pass through firewalls. A single content validation server is shared among different firewall systems, thereby creating a client/server relationship. The files containing inappropriate or malicious content are flagged for inspection. A content validation server collects these files together and performs content validation.
CVP simplifies the deployment of anti-virus software and content blocking products, with firewalls. CVP defines a specific set of communication routines used to move the data back and forth between content scanners and gateway systems such as firewalls and proxy servers.
Get Techopedia delivered to your inbox!