Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ranjeett_Ranjan
Explorer

difference between stateful inspection and packet flow

difference between stateful inspection and packet flow

8 Replies
_Val_
Admin
Admin

Hi Ranjeett, Stateful Inspection is a major part of the packet from through a Security Gateway, but there are some other operations there too.

More details here: https://community.checkpoint.com/docs/DOC-3061-security-gateway-packet-flow-and-acceleration-with-di... 

Jerry
Mentor
Mentor

vague question   Stateful vs. Stateless FW is the answer:

A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about a user's connections in a state table, referred to as a connection table. It then uses this connection table to implement the security policies for users connections. An example of the stateful firewall is PIX, ASA, Check Point.

Stateless firewalls - (Packet Filtering) Stateless firewalls, on the other hand, does not look at the state of connections but just at the packets themselves. An example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

ps. sorry for the joke at the begining but I couldnt help it

Jerry
0 Kudos
_Val_
Admin
Admin

I took the question in the Check Point context exclusively. But thanks for helping, it might be we need a wider aspect.

Jerry
Mentor
Mentor

as my good mate (Daniel Lavi) from your PS said "simple answers are the most difficult to find"  

Jerry
0 Kudos
G_W_Albrecht
Legend Legend
Legend

Should that just be expressed as: Difference in packet flow when using statefull inspection ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
_Val_
Admin
Admin

Let's wait for topic starter to reply on this

0 Kudos
siva_velu
Explorer

Hi All,

If we disable the secure XL, Checkpoint firewall will act as stateless? Could you Pls confirm 

The reason I am asking if we disable the secureXL all the packets will pass thorough the F2F layer so gateway doesn’t not have any cache/rememberance about connections state

0 Kudos
_Val_
Admin
Admin

Forgive me harsh words, but this is nonsense. Check Point firewall is always stateful, with or without acceleration. 

Please refer to CP4B section of this forum and read Principles article there for more details 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events