Stateful firewall
In computing, a stateful firewall is anetwork firewall that tracks the operating state and characteristics of networkconnections traversing it. The firewall is configured to distinguish legitimatepackets for different types if connections. Only packets matching a knownactive connection are allowed to pass the firewall.
Stateful packet inspection (SPI), alsoreferred to as dynamic packet filtering, is a security feature often includedin business networks.
A stateful firewall keeps track of thestate of network connections (such as TCP streams or UDP communication) and isable to hold significant attributes of each connection in memory. Theseattributes are collectively known as the state of the connection, and mayinclude such details as the IP addresses and ports involved in the connectionand the sequence numbers of the packets traversing the connection. Stateful inspectionmonitors incoming and outgoing packets over time, as well as the state of theconnection, and stores the data in dynamic state tables. This cumulative datais evaluated, so that filtering decisions would not only be based onadministrator-defined rules, but also on context that has been built byprevious connections as well as previous packets belonging to the sameconnection.
From: https://en.wikipedia.org/wiki/Stateful_firewall
'Computer Science > Terminology' 카테고리의 다른 글
| Application firewall (0) | 2018.03.30 |
|---|---|
| Open System Interconnection Protocols (0) | 2018.03.30 |
| Packet-filtering Firewall (0) | 2018.03.30 |
| User Datagram Protocol (UDP) (0) | 2018.03.30 |
| Transmission Control Protocol (TCP) (0) | 2018.03.30 |