Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

difference between stateful inspection and packet flow

difference between stateful inspection and packet flow

8 Replies
Highlighted
Admin
Admin

Hi Ranjeett, Stateful Inspection is a major part of the packet from through a Security Gateway, but there are some other operations there too.

More details here: https://community.checkpoint.com/docs/DOC-3061-security-gateway-packet-flow-and-acceleration-with-di... 

Highlighted
Leader
Leader

vague question   Stateful vs. Stateless FW is the answer:

A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about a user's connections in a state table, referred to as a connection table. It then uses this connection table to implement the security policies for users connections. An example of the stateful firewall is PIX, ASA, Check Point.

Stateless firewalls - (Packet Filtering) Stateless firewalls, on the other hand, does not look at the state of connections but just at the packets themselves. An example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

ps. sorry for the joke at the begining but I couldnt help it

Jerry
0 Kudos
Highlighted
Admin
Admin

I took the question in the Check Point context exclusively. But thanks for helping, it might be we need a wider aspect.

Highlighted
Leader
Leader

as my good mate (Daniel Lavi) from your PS said "simple answers are the most difficult to find"  

Jerry
0 Kudos
Highlighted
Champion
Champion

Should that just be expressed as: Difference in packet flow when using statefull inspection ?

Highlighted
Admin
Admin

Let's wait for topic starter to reply on this

0 Kudos
Highlighted
Explorer

Hi All,

If we disable the secure XL, Checkpoint firewall will act as stateless? Could you Pls confirm 

The reason I am asking if we disable the secureXL all the packets will pass thorough the F2F layer so gateway doesn’t not have any cache/rememberance about connections state

0 Kudos
Highlighted
Admin
Admin

Forgive me harsh words, but this is nonsense. Check Point firewall is always stateful, with or without acceleration. 

Please refer to CP4B section of this forum and read Principles article there for more details 

0 Kudos