RE: [WG-Users] What is the difference between stateful packet filtering and Stateful pkt inspection ?

["Dante Mercurio" <dmercurio () ccgsecurity com>]

In general, stateful packet filtering and stateful packet inspection are
the same. Firewall manufacturers sometimes change the naming slightly to
differentiate them from Checkpoint who coined 'stateful inspection'.

Stateful inspection, or stateful filtering, do offer some content
filtering capability, but not the same capabilities of a proxy. Even
Checkpoint realizes this and has proxies thinly disguised as what they
call 'Security Servers'

M. Dante Mercurio, CCNA, MCSE+I, CCSA
dmercurio () ccgsecurity com
Consulting Group Manager
Continental Consulting Group, LLC
www.ccgsecurity.com

-----Original Message-----
From: Briggs, Bruce [mailto:BRIGGSBD () sysadm suny edu] 
Sent: Friday, January 31, 2003 12:14 PM
To: 'anil bindal'; WGL; Firewall Wizard
Subject: RE: [WG-Users] What is the difference between stateful packet
filtering and Stateful pkt inspection ?


Here is some info.  It is not clear if the stateful packet filtering is
different as implemented in the FB and the V class.

Stateful Dynamic Packet Filtering
https://www.watchguard.com/products/dynamic.asp

Stateful Packet Filtering 
https://www.watchguard.com/training/salestraining/vclass/firebo23.htm
Firebox(r) Vclass Security Features
https://www.watchguard.com/products/v_security.asp

Firebox(r) System and Firebox Vclass
http://www.watchguard.com/products/fb_v_intl_compare.asp

5) i don;t know

6) it depends on what you are trying to control. For some, yes, for
others, no.

-----Original Message-----
From: anil bindal [mailto:bindal () dcmtech co in]
Sent: Thursday, January 30, 2003 11:43 PM
To: WGL; Firewall Wizard
Subject: [WG-Users] What is the difference between stateful packet
filtering and Stateful pkt inspection ?


Hi,

1) What is the difference between a stateful pkt filter and stateful
packet inspection ?
2) Does any of above two include the payload verificaion and analysis (
i.e. application level Proxies !)?
3) What does the WG FB 1000 do ? Stateful Pkt Inspection or Stateful Pkt
filtering ?
4) What does the WG V60 do ? SPInspection or SPfiltering ?
5) Does the Watch Guard http-filter rule does the same processing on the
packet as the check point or CISCO PIX rule ??
6) Lastly is the stateful packet ( filter or inspection whatever the WG
boxes do )  sufficient from the security point of view ( no application
level proxies ? )

why all above questions are being asked is bcose i want to decide on
either FB 1000 or V60. One of them has BW management and other does not
have the application level proxies ??

What level of security will i compromise if i decide on V60 with BW
management ??

thanks and regards
anil bindal

 


--------
For help or to subscribe/unsubscribe, send mail to:
wg-users-request () lists watchguard com, with the word "subscribe",
"unsubscribe" or "help" in the body of the message.  Archives are
available at: http://wgusers.watchguard.com/


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards