In what scenario should a stateful inspection firewall and a packet-filtering firewall be used?
In general, firewalls that make use of stateful inspection are the industry norm. Stateful inspection replaced packet filtering in most environments several years ago, and the majority of modern firewall systems take advantage of it.
The main difference between the two firewalls is that stateful inspection systems maintain a state table, allowing them to keep track of all open connections through a firewall, while packet-filtering firewalls do not. When traffic arrives, the system compares the traffic to the state table, determining whether it is part of an established connection.
The only place you'll likely see packet filtering in today's environment is at an Internet-facing router. These devices often implement a basic packet-filtering rule set to weed out obviously unwanted traffic and reduce the load on a stateful inspection firewall immediately behind the router.
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Mike Chapple
It's not possible to eradicate the risk of DoS attacks, but there are steps infosec pros can take to reduce their impact. Mike Chapple shares ... Continue Reading
The HHS OCR ruled that healthcare ransomware attacks are HIPAA violations, so these covered entities need to react according to the HHS's guidance. ... Continue Reading
HIPAA regulations incorporate NIST guidelines and standards, so do healthcare organizations need to be compliant with both? Expert Mike Chapple ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.