Well I would say that there is something wrong with both statements, since version 5 'doesn't have URL blocking' in the web shield. That has been removed and is only in the AIS firewall module.
Everything that comes down is a file of sorts as you browse or download using HTTP on port 80 (as that is what is being monitored), .http, .jpg, .js (javascript) files, etc. make up a web page; then you have any file that you download, .exe, .zip, etc. So as you see they are all effectively files. There are protocol commands which travel in both directions which aren't files but commands to carry out what it is that you are doing, browsing, downloading, etc.
The only difference is that a file in a lot of instances is greater than the maximum packet size so it is broken down into packets of data which will be joined together at the end of that process. So the choice is to check the packets as they are downloaded or wait until all the packets are downloaded and the file is complete before scanning. Personally the Intelligent streme scanning is the better option.