stateful inspection

Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall.

Stateful inspection has largely replaced an older technology, static packet filtering. In static packet filtering, only the headers of packets are checked -- which means that an attacker can sometimes get information through the firewall simply by indicating "reply" in the header. Stateful inspection, on the other hand, analyzes packets down to the application layer. By recording session information such as IP addresses and port numbers, a dynamic packet filter can implement a much tighter security posture than a static packet filter can.

Stateful inspection monitors communications packets over a period of time and examines both incoming and outgoing packets. Outgoing packets that request specific types of incoming packets are tracked and only those incoming packets constituting a proper response are allowed through the firewall.

In a firewall that uses stateful inspection, the network administrator can set the parameters to meet specific needs. In a typical network, ports are closed unless an incoming packet requests connection to a specific port and then only that port is opened. This practice prevents port scanning, a well-known hacking technique.

Check Point Software Technologies developed stateful inspection in the early 1990s.

Learn more about Network Security Best Practices and Products

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

More resources from around the web: - Service Strategies, Inc. explains how stateful inspection works. - SearchSecurity.com offers news, research and expert advice about firewalls.

FILE EXTENSION AND FILE FORMAT LIST File Extension and File Format List: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z #

RELATED CONTENT 2010 predictions: What's the worst network security threat this year? Hear enterprise network security expert Michael Gregg speak about the worst computer networking threats facing businesses in this 2010 predictions... Best of 2009: Computer networking advice Best computer networking advice of 2009: From certifications to switches, tips from the experts. Network security forecast 2010: Startups cash out, uber-devices step up Forrester Research senior analyst John Kindervag predicts what the new year will bring for network security.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anti-replay protocol  (SearchNetworking.com) dynamic packet filter  (SearchNetworking.com)