These look at network packet content to determine what applications are being tunnelled over TCP port 80. They can then block the application depending on your network use policy. One thing you need ...