cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

difference between stateful inspection and packet flow

difference between stateful inspection and packet flow

8 Replies

Re: difference between stateful inspection and packet flow

Hi Ranjeett, Stateful Inspection is a major part of the packet from through a Security Gateway, but there are some other operations there too.

More details here:  

Jerry
Gold

Re: difference between stateful inspection and packet flow

vague question   Stateful vs. Stateless FW is the answer:

A Stateful firewall is aware of the connections that pass through it. It adds and maintains information about a user's connections in a state table, referred to as a connection table. It then uses this connection table to implement the security policies for users connections. An example of the stateful firewall is PIX, ASA, Check Point.

Stateless firewalls - (Packet Filtering) Stateless firewalls, on the other hand, does not look at the state of connections but just at the packets themselves. An example of a packet filtering firewall is the Extended Access Control Lists on Cisco IOS Routers.

ps. sorry for the joke at the begining but I couldnt help it

Jerry
0 Kudos

Re: difference between stateful inspection and packet flow

I took the question in the Check Point context exclusively. But thanks for helping, it might be we need a wider aspect.

Jerry
Gold

Re: difference between stateful inspection and packet flow

as my good mate (Daniel Lavi) from your PS said "simple answers are the most difficult to find"  

Jerry
0 Kudos

Re: difference between stateful inspection and packet flow

Should that just be expressed as: Difference in packet flow when using statefull inspection ?

Re: difference between stateful inspection and packet flow

Let's wait for topic starter to reply on this

0 Kudos
siva_velu
Ivory

Re: difference between stateful inspection and packet flow

Hi All,

If we disable the secure XL, Checkpoint firewall will act as stateless? Could you Pls confirm 

The reason I am asking if we disable the secureXL all the packets will pass thorough the F2F layer so gateway doesn’t not have any cache/rememberance about connections state

0 Kudos

Re: difference between stateful inspection and packet flow

Forgive me harsh words, but this is nonsense. Check Point firewall is always stateful, with or without acceleration. 

Please refer to CP4B section of this forum and read Principles article there for more details 

0 Kudos