An Application-Layer Gateway (ALG) is a software component designed to manage and control connections of specific protocols such as SIP, FTP, DNS, H.323 and SQL.
The ALG intercepts and analyzes the specific traffic, assigns resources and defines the dynamic policies that will allow the traffic to be exchanged safely. An ALG allows a gateway to analyze the application layer of the traffic flow and make decisions based on this information. Generally, this function is used to support applications that use the application-layer payload to communicate the ports (TCP/UDP) on which connections are opened.
An ALG has two main functions. The first is to dynamically establish the ports that the application's traffic uses, so that return communication is allowed (for example, an FTP application can use several control and data sessions for the same communication between the source and the destination). The second is to provide a deeper layer of inspection and a higher level of security at the application level. An ALG can be considered a function that offers extra intelligence to assist applications which, by their nature, usually have problems with firewall devices. This is possible because the ALG understands how the protocol it analyzes should work.
The ALG process inspects the control channels of the applications and, in general, handles functions such as NAT and port assignment. It does not, however, inspect or monitor the data channel, so it does not analyze the communication content.
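
As an added example, not taken from the original page or from any vendor's ALG: the Python below reads FTP control-channel lines, extracts the data endpoint announced in a `PORT` command or a `227` passive-mode reply, and returns the pinhole a gateway would open for the data session. The function names, the sample session, and the rule that the announced address must match the host that sent it are assumptions of this example.

```python
import re

# RFC 959 encodings: "PORT h1,h2,h3,h4,p1,p2" (client, active mode) and the
# server reply "227 ... (h1,h2,h3,h4,p1,p2)" (passive mode).
_PORT = re.compile(r"^PORT (\d{1,3}(?:,\d{1,3}){5})\r?$")
_PASV = re.compile(r"^227 .*?\((\d{1,3}(?:,\d{1,3}){5})\)")


def parse_endpoint(csv):
    """Decode 'h1,h2,h3,h4,p1,p2' into (ip, port); None if any field > 255."""
    nums = [int(n) for n in csv.split(",")]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def inspect_control_line(line, from_client, client_ip, server_ip):
    """Return the pinhole implied by one control-channel line, or None."""
    pattern = _PORT if from_client else _PASV
    sender, peer = (client_ip, server_ip) if from_client else (server_ip, client_ip)
    m = pattern.match(line)
    if not m:
        return None                      # not a port announcement
    ep = parse_endpoint(m.group(1))
    # Assumed policy: a host may only announce a data port on itself.
    if ep is None or ep[0] != sender:
        return None
    return {"allow_from": peer, "to_ip": ep[0], "to_port": ep[1], "proto": "tcp"}


def pinholes_for_session(session, client_ip, server_ip):
    """Collect pinholes for a list of (from_client, line) control messages."""
    holes = []
    for from_client, line in session:
        hole = inspect_control_line(line, from_client, client_ip, server_ip)
        if hole:
            holes.append(hole)
    return holes


# Constructed sample control session (addresses are documentation/private ranges).
SESSION = [
    (True, "USER demo\r\n"),
    (True, "PORT 10,0,0,5,19,137\r\n"),                            # port 5001
    (False, "227 Entering Passive Mode (192,0,2,10,195,80)\r\n"),  # port 50000
    (True, "PORT 10,0,0,99,0,22\r\n"),                             # not the client: dropped
]

if __name__ == "__main__":
    for hole in pinholes_for_session(SESSION, "10.0.0.5", "192.0.2.10"):
        print(hole)
```

Only the control channel is parsed here; the data session that later uses the pinhole is never read, matching the behaviour described above.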