A good control and management should be conducted based on accurate identification. Traditional web security products such as web firewalls are designed to inspect filehead information only (Figure one) and have to block standard application protocol based on IP or port. In these products, control policies are applied only on web layer while useless on content layer. Furthermore, they are completely incompetent in blocking those dynamical Internet applications such as QQ, P2P. However, Anchiva secure web gateways identify the applications through specific signature based on deep pack inspection (DPI). As shown in Figure 2, the unique and periodic changing character signatures can be the  unique feature marking a specific application or protocol, just like human's fingerprint demonstrating unique personal information.