When we are using Cisco IOS firewall on ISR we can enable generic ip inspection as tcp or udp. When this is done why is it necessary to inspect application protocols like say telnet,http, Kazza_Version2 etc. as all these protocols are tcp (protocol number 5) which we are inspecting. Why is it necessary to inspect ports for say 23,or 80 or SMTP 25?
Please share the experience.
Any explanation on cisco.com or on any other URL is highly appereciable.
Thanks in advance.