stateful inspection

Stateful inspection is an advanced firewall architecture that was invented by Check Point Software Technologies in the early 1990s. Also known as dynamic packet filtering, it has replaced static packet filtering as the industry standard firewall solution for networks.

Stateful inspection provides enhanced security by keeping track of communications packets over a period of time. Both incoming and outgoing packets are examined. Outgoing packets that request specific types of incoming packets are tracked; only those incoming packets constituting a proper response are allowed through the firewall. In contrast to static packet filtering, in which only the headers of packets are checked, stateful inspection analyzes packets down to the Application layer.

In a firewall that uses stateful inspection, the network administrator can set the parameters to meet specific needs. In a typical network connected to the Internet, ports are normally closed unless an incoming packet requests connection to a specific port, and then only that port is opened to the packet. This prevents port scanning, a well-known technique used by hackers to gain entry to networks and individual computers connected to the Internet.

A well-engineered, comprehensive firewall is a must for networks today. Firewalls are increasingly employed by home computer users as well, particularly those with broadband Internet connections.

Read more about stateful inspection: - Service Strategies, Inc. explains how stateful inspection works. - SearchSecurity.com offers numerous links to information about firewalls.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Ethical hacking and countermeasures: Network penetration testing intro Here enterprise security expert Michael Gregg explains network penetration testing, where the term "ethical hacking" came from, who to hire for a... Are you on a domain name system (DNS) blacklist database? Many domain name system (DNS) blacklist databases exist. If your mail server or IP address has been misused you may be on them. Our networking... Rogue access points: Preventing, detecting and handling best practices Rogue access points, wireless or otherwise, pose network security threats. Learn how to prevent, detect and eliminate unauthorized APs from finding...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anti-replay protocol  (SearchNetworking.com) dynamic packet filter  (SearchNetworking.com)