Network devices, computer-readable media, and other embodiments associated with packet inspection are described. Packet inspection may be performed on data packets associated with a session, where a session can include multiple data channels and associated control channels that have been bound together. A session may be associated with an identity. Various policies may be associated with that identity. As packet inspection occurs, it can be determined whether policies are being violated on a per identity basis. If a policy is being violated, then an action may be selectively performed. The action performed may affect a single channel in the session or may affect the whole session. Different identities may have different policies. Example actions include dropping a session, throttling a session, monitoring a session, controlling the number of channels associated with a session, dropping a channel, throttling a channel, monitoring a channel, and other actions.