Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
997
Views
0
Helpful
5
Replies

What is concept of statefull firewall?

weerapatr
Level 1
Level 1

‎09-27-2006 01:15 AM - edited ‎03-09-2019 04:19 PM

Please clarify

TIA

Labels:
0 Helpful
5 Replies 5

pciaccio
Level 4
Level 4

‎09-27-2006 02:41 AM

A Firewall in general will filter packets dependant upon Layer 3 specifications. You can permit or block source and Dest IPs. However a Statefull Firewall goes to Layer 3 and above. You can now filter or perform certain tasks dependant upon the state of your traffic flow or your TCP/UDP ports and application you are using. This allows for a more granular filtering ability and if set up correctly can prevent virus' and intrusions, DOS, DDOS attacks along with other preventions. Today all firewalls (at least the ones I know) are statefull firewalls...Please rate...

0 Helpful

iraban
Level 1
Level 1
In response to pciaccio

‎09-29-2006 06:32 PM

I have done my CCIE secuity written, I am compltely aware of what a statful packet inspection is all about.

I need to know what vendor or product will fulfill the criteria

thanks for your post though

0 Helpful

abdel_n
Level 1
Level 1

‎09-27-2006 06:05 AM

Hi,

To have a complete idea about what is stateful firewall it?s very important to understand what differ this technology from others.

Here is the explanation of the three main firewall technologies:

Stateful inspection - Stateful inspection firewalls, also known as stateful packet filters, allow/deny traffic based on source destination and service while maintaining a state table to keep track of existing connections. This ensures that inbound connections are valid replies to outbound requests.

Proxy - Connections are initiated on the firewall on behalf of the requester. Traffic does not pass through a proxy-based firewall but rather is recreated by the firewall, this type of technology works at the application layer.

Packet filtering - Inspects the incoming and outgoing packets and allows/denies traffic based on source, destination, protocol, and service.

0 Helpful

iraban
Level 1
Level 1
In response to abdel_n

‎09-29-2006 06:31 PM

I have done my CCIE secuity written, I am compltely aware of what a statful packet inspection is all about.

I need to know what vendor or product will fulfill the criteria

thanks for your post though

0 Helpful

Patrick Iseli
Level 7
Level 7
In response to iraban

‎09-29-2006 08:09 PM

Probably 95% of all vendor firewalls are stateful by now.

The trend is more going in direction of more application awareness as IDS/IPS features up to layer 7.

Sateful firewalls:

- Cisco: PIX, FWSM, IOS FW

- CheckPoint: NGX

- Junipers FW

- Astaro, Watchguard,

sincerely

Patrick

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents