10.7. Stateful Packet Inspection

With stateful packet inspection (SPI), a firewall appliance holds the significant attributes of each connection in memory. These attributes, collectively known as the "state of the connection," include such details as the IP addresses and ports involved in the connection and the sequence of packets traversing the connection. The most CPU-intensive checking is performed when the connection starts. All later packets in that session are processed rapidly, because it is simple and fast to determine whether they belong to an existing, prescreened session. Once the session has ended, its entry in the state table is discarded.
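The lifecycle described above can be modeled in a few lines. This is an added example, not code from the book: the policy values, addresses, and the `StatefulFilter` and `demo` names are constructed for illustration, and teardown is simplified to the first FIN or RST.

```python
from dataclasses import dataclass

INSIDE_PREFIX = "192.168.1."        # constructed policy: the protected LAN
ALLOWED_OUTBOUND_PORTS = {80, 443}  # constructed policy: ports LAN hosts may reach

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags, e.g. frozenset({"SYN"})

class StatefulFilter:
    def __init__(self):
        self.state = set()    # one entry per prescreened connection
        self.rule_checks = 0  # how many times the slow path ran

    @staticmethod
    def _key(p):
        # Direction-independent key, so replies match the entry the opener created.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def _ruleset_allows(self, p):
        # Slow path: full policy evaluation, run only for connection-opening packets.
        self.rule_checks += 1
        return p.src.startswith(INSIDE_PREFIX) and p.dport in ALLOWED_OUTBOUND_PORTS

    def handle(self, p):
        key = self._key(p)
        if key in self.state:  # fast path: packet belongs to a known session
            if p.flags & {"FIN", "RST"}:
                self.state.discard(key)  # simplification: drop the entry on first FIN/RST
            return "ACCEPT"
        if p.flags == {"SYN"} and self._ruleset_allows(p):
            self.state.add(key)
            return "ACCEPT"
        return "DROP"  # no matching state and not an allowed new connection

def demo():
    fw, c, s, x = StatefulFilter(), ("192.168.1.10", 50000), ("203.0.113.5", 443), ("198.51.100.7", 443)
    pk = lambda a, b, *f: Packet(a[0], a[1], b[0], b[1], frozenset(f))
    trace = [pk(c, s, "SYN"), pk(s, c, "SYN", "ACK"), pk(c, s, "ACK"),
             pk(x, c, "ACK"),                      # unsolicited, no state entry
             pk(x, ("192.168.1.10", 80), "SYN"),   # inbound open, denied by policy
             pk(c, s, "FIN", "ACK"), pk(s, c, "ACK")]  # teardown, then a stray packet
    return [fw.handle(p) for p in trace], fw.rule_checks

if __name__ == "__main__":
    print(demo())
```

A production firewall also tracks sequence numbers, follows the full close handshake, and expires idle entries on a timer, none of which this model attempts.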

Most modern firewalls, including those in some Linksys and Netgear ...

Get Enterprise Mac Security: Mac OS X Snow Leopard now with the O’Reilly learning platform.
