Because stateful devices save the connection information, the devices can reference that data when subsequent packets pass through the same connection. Payload inspection might monitor a TCP handshake between devices, for example. Stateful devices also inspect the packet payload to verify that the device contains the appropriate data. These devices track source and destination IP addresses, as well as protocol or port information in an active connections table, which handles statistics of a network's active connections. Modern firewalls, as well as dedicated firewall software installed on routers and Layer 3 switches, are considered stateful. This is the basic filter for every packet, as each one goes through the same inspections and treatments. This means, when packets flow from one stateless interface to another, the interface inspects each packet and then either permits or denies the packet based on its source and destination IP address, as well as protocol or port information contained within the packet header. Standard access control lists configured on routers and Layer 3 switches are also stateless. Original firewalls were stateless in nature.
0 Comments
Leave a Reply. |