- See also: dynamic packet filter
Stateful inspection is an advanced firewall architecture that was invented by Check Point Software Technologies in the early 1990s. Also known as dynamic packet filtering, it has replaced static packet filtering as the industry standard firewall solution for networks.
Stateful inspection provides enhanced security by keeping track of communications packets over a period of time. Both incoming and outgoing packets are examined. Outgoing packets that request specific types of incoming packets are tracked; only those incoming packets constituting a proper response are allowed through the firewall. In contrast to static packet filtering, in which only the headers of packets are checked, stateful inspection analyzes packets down to the Application layer.
In a firewall that uses stateful inspection, the network administrator can set the parameters to meet specific needs. In a typical network connected to the Internet, ports are normally closed unless an incoming packet requests connection to a specific port, and then only that port is opened to the packet. This prevents port scanning, a well-known technique used by hackers to gain entry to networks and individual computers connected to the Internet.
A well-engineered, comprehensive firewall is a must for networks today. Firewalls are increasingly employed by home computer users as well, particularly those with broadband Internet connections.
| LAST UPDATED: |
16 Apr 2007
|
 |
Read more about stateful inspection:
|


 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|

');
// -->

|