IPS packet or content filter

Unanswered Question
Dec 3rd, 2007

I'm a beginner with IPS, but I'm confused with the terms packet and content filter, when I'm looking in some documents on the web they are talking about packet filtering; statefull packet filtering etc ..., I see also the term content filtering, what is an IPS doing packet or content filtering ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
attmidsteam Tue, 12/04/2007 - 10:40

IDS/IPS devices are not firewalls and do not perform packet & content filtering (unless you stretch the definition and create a signature looking for specific keywords which blocks in-line).

Stateful means that the firewall tracks connections and allows reply traffic without checking an ACL:

http://en.wikipedia.org/wiki/Stateful_firewall

Content filtering devices examine the data stream and make a determination if the content of the traffic is allowed (ex: blocking unsafe for work websites):

http://en.wikipedia.org/wiki/Content_filter

Actions

This Discussion