stateful inspection

Stateful inspection is an advanced firewall architecture that was invented by Check Point Software Technologies in the early 1990s. Also known as dynamic packet filtering, it has replaced static packet filtering as the industry standard firewall solution for networks.

Stateful inspection provides enhanced security by keeping track of communications packets over a period of time. Both incoming and outgoing packets are examined. Outgoing packets that request specific types of incoming packets are tracked; only those incoming packets constituting a proper response are allowed through the firewall. In contrast to static packet filtering, in which only the headers of packets are checked, stateful inspection analyzes packets down to the Application layer.

In a firewall that uses stateful inspection, the network administrator can set the parameters to meet specific needs. In a typical network connected to the Internet, ports are normally closed unless an incoming packet requests connection to a specific port, and then only that port is opened to the packet. This prevents port scanning, a well-known technique used by hackers to gain entry to networks and individual computers connected to the Internet.

A well-engineered, comprehensive firewall is a must for networks today. Firewalls are increasingly employed by home computer users as well, particularly those with broadband Internet connections.

Read more about stateful inspection: - Service Strategies, Inc. explains how stateful inspection works. - SearchSecurity.com offers numerous links to information about firewalls.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT SIEM platform secures university's open network With security information and event management platform QRadar, Wayne State University has secured its open network without locking down its systems. Shifting defenses and dynamic perimeters challenge network security Network security faces challenges from de-perimeterization and other IT trends. Securing the new network architecture In modern networks, security is less about locking down a perimeter and more about controlling access and behavior and ensuring data safety in a...

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary anti-replay protocol  (SearchNetworking.com) dynamic packet filter  (SearchNetworking.com)