In: Computer Science
Why is this firewall considered as a stateful firewall instead of a packet filter?
Computer firewalls are an indispensable piece of network protection. By protecting networks against persistent threats, computer firewalls make it possible to weed out the vast majority of attacks levied in digital environments. Although firewalls are not a complete solution to every cybersecurity need, every business network should have one.
A stateful firewall is a firewall that monitors the full state of active network connections. This means that stateful firewalls are constantly analyzing the complete context of traffic and data packets, seeking entry to a network rather than discrete traffic and data packets in isolation.
Once a certain kind of traffic has been approved by a stateful firewall, it is added to a state table and can travel more freely into the protected network. Traffic and data packets that don’t successfully complete the required handshake will be blocked. By taking multiple factors into consideration before adding a type of connection to an approved list, such as TCP stages, stateful firewalls are able to observe traffic streams in their entirety.
However, this method of protection does come with a few vulnerabilities. For example, stateful firewalls can fall prey to DDoS attacks due to the intense compute resources and unique software-network relationship necessary to verify connections.
In computing, a stateful firewall is a network-based firewall that individually tracks sessions of network connections traversing it. Stateful packet inspection, also referred to as dynamic packet filtering, is a security feature often used in non-commercial and business networks.