Stateful Inspection Firewall


A Stateful Inspection Firewall is a firewall that inspects each packet in the context of the connection it belongs to, rather than in isolation. The name originated in 1993, when the technique was invented by a company named Check Point Software Technologies. Today, Stateful Inspection is regarded as the industry standard in network security.




In a nutshell, a Stateful Inspection Firewall is a firewall that sits on a computer network and works by tracking each and every connection through the firewall (for example, TCP streams), ensuring that all are individually valid and performing well. It also incorporates gateway technology by storing information for later use. Each and every packet is checked against a known connection state before being allowed to pass through. Packets that do not match a known connection state are rejected immediately.


Stateful Inspection Firewalls monitor all packets (pieces of messages) travelling through the system in detail: the header, content and application layer are checked to ensure validity, and details including IP addresses and port numbers are logged. This information (called the 'state' of the packet) is then stored in a table.


The state information stored in the firewall (called context information) is subsequently used when processing any future packets that pass through the firewall. In this way, a Stateful Inspection Firewall is constantly accumulating data to improve the integrity of the network; in a way, it becomes more knowledgeable every time a packet passes through the firewall. Additionally, as much of the processing is done when the connection is first set up, subsequent packets are passed through at speed, because all the firewall has to do is check them against existing data.
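
The connection tracking described above can be sketched as a small state table: a rule check when the connection is set up, then a table lookup for every later packet. This is an added example, not code from the original page or from any vendor's product; the addresses, the port-443 policy and the class and function names are constructed, and it leaves out timeouts, sequence-number checks and FIN teardown.

```python
# Toy connection-state table; constructed addresses, assumed rule base.
from dataclasses import dataclass

ALLOWED_DPORTS = {443}  # assumed policy: inside clients may open TCP/443 outbound

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags set on the segment

class StateTable:
    def __init__(self):
        self.conns = {}  # (client, cport, server, sport) -> handshake state

    def inspect(self, p, outbound):
        # Key both directions of a flow to the same table entry.
        key = (p.src, p.sport, p.dst, p.dport) if outbound else (p.dst, p.dport, p.src, p.sport)
        state = self.conns.get(key)
        if state is None:
            # Slow path: only a policy-approved outbound SYN may create state.
            if outbound and p.flags == {"SYN"} and p.dport in ALLOWED_DPORTS:
                self.conns[key] = "SYN_SENT"
                return "ACCEPT"
            return "DROP"
        if "RST" in p.flags:  # a reset tears the entry down
            del self.conns[key]
            return "ACCEPT"
        if state == "SYN_SENT" and not outbound and p.flags == {"SYN", "ACK"}:
            self.conns[key] = "SYN_RCVD"
            return "ACCEPT"
        if state == "SYN_RCVD" and outbound and p.flags == {"ACK"}:
            self.conns[key] = "ESTABLISHED"
            return "ACCEPT"
        # Fast path: established flows pass on a table lookup alone.
        if state == "ESTABLISHED" and "SYN" not in p.flags:
            return "ACCEPT"
        return "DROP"

def demo():
    c, s = ("10.0.0.5", 51000), ("203.0.113.9", 443)  # constructed endpoints
    out = lambda *f: (Packet(*c, *s, frozenset(f)), True)
    inn = lambda *f: (Packet(*s, *c, frozenset(f)), False)
    stray = (Packet("198.51.100.7", 443, *c, frozenset({"ACK"})), False)
    seq = [inn("ACK"), out("SYN"), inn("SYN", "ACK"), out("ACK"),
           inn("ACK", "PSH"), stray, inn("RST"), inn("ACK")]
    fw = StateTable()
    return [fw.inspect(p, o) for p, o in seq]
```

In the constructed sequence, the unsolicited inbound ACK, the ACK from an unrelated host and the ACK arriving after the reset are all dropped because no table entry matches them.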

