Firewall Combinations
The first logical evolution has been to try to combine both the packet
filtering and application-gateway approaches, using a packet-filter
screening computer or hardware router to control lower-layer
communications, and gateways to enable applications.
Stateful Inspection
Another approach that has gained widespread popularity is to inspect
packets rather than to filter them. This is just another way of saying:
consider the content of packets as well as the headers. The point being
that the packet-inspection approach tries to integrate the information
gathered from all layers into a single inspection point, which is on the
network level. Some also take into account the state of connections that
are handled. For example, a legitimate incoming packet can be
matched with the outbound request for that packet and allowed in.
Clearly, this stateful inspection is beyond a normal packet filter’s
capabilities.
No comments:
Post a Comment