stateful inspection


Also found in: Dictionary, Thesaurus, Medical, Financial.

stateful inspection

A firewall technology that ensures that all inbound packets are the result of an outbound request. Also called "stateful packet inspection" (SPI), it was designed to prevent harmful or unrequested packets from entering the computer. For example, if you click on a link to a Web page, an HTTP request is being made to a specific URL address. All packets coming back from that URL would pass the stateful inspection and be accepted. Every so many minutes, your email program queries the mail server, and returning packets from that server are allowed.

Essential and Problematic
Stateful inspection is the norm and generally a major component in every network firewall and personal firewall. However, stateful inspection causes problems with videoconferencing and VoIP, in which a user outside the network wants to initiate a communication with a user inside the network. Various techniques are used to work around this (see STUN, UPnP and port forwarding). See firewall.
References in periodicals archive ?
* Stateful inspection. Some firewalls also employ an inspection module, which is software that inspects packets and can verify the application, user, and transportation method.
The client has comprehensive security functions, including IPSec encryption with AES or 3-DES; authentication via digital certificates and hardware tokens; a dynamic personal firewall with stateful inspection and friendly net detection for automatic detection of secure and non-secure networks.
* Performance: Increases of 10 to 20 percent in the amount of content passing through the appliance for stateful inspection saves companies from having to purchase additional appliances when more bandwidth is required.
These capabilities are typically a subset of features found in products like enterprise firewalls and packet shapers, usually employing a combination of MAC, protocol and transport layer rules, but seldom providing stateful inspection or application layer capabilities.
It does, however, come closer to resembling some of the popular personal firewall products on the market today, by giving some level of control over outbound application traffic, unlike ICF, which was a basic stateful inspection filter.
FireWall-1 GX is based on Check Point's Stateful Inspection technology and Secure Virtual Network architecture.
In addition, the new firewall offering utilizes a uniquely engineered feature called Firewall Flows, which moves the Stateful Inspection process to the hardware level, significantly reducing the CPU needs of the firewall for increased performance.
is a low-cost residential Internet security firewall based on Check Point Software's powerful Stateful Inspection technology.
The devices offer features such as stateful inspection firewall, IPSec VPN, standards-based routing/switching protocols, CLI, web-based GUI, QoS for VoIP and other applications and NAT-compatible SIP ALG for VoIP applications.
The resulting D-Link NetDefend security appliances will offer SMBs an all-in-one network security solution combining an enterprise-class stateful inspection firewall, gateway antivirus, intrusion prevention, remote-access virtual private networking, and content filtering into a single, easy-to-use platform.