También denominada “dynamic packet filtering”
(filtrado dinámico de paquetes). Firewall que, al realizar un seguimiento del
estado de las conexiones de la red, proporciona una seguridad mejorada. Al
estar programado para distinguir los paquetes legítimos de las diversas
conexiones, el firewall permitirá solamente aquellos paquetes que coinciden con
una conexión establecida, y rechazará a todos los demás.
http://es.pcisecuritystandards.org
La condición "stateful" se refiere a la
capacidad de guardar registro de las conexiones establecidas y establecer
reglas de filtrado en base a la correcta secuencia de las mismas.
[CCN-STIC-641:2006]
Filtrado de paquetes que memoriza las comunicaciones
a nivel de transporte previamente establecidas. [CCN-STIC-400:2006]
Filtrado de paquetes básico que trata los paquetes
de manera individual sin tener en cuenta información del estado de la
comunicación. [CCN-STIC-400:2006]
Filtrado de paquetes que además de memorizar las
comunicaciones a nivel de transporte, inspecciona el contenido de los paquetes
utilizando decodificadores de protocolo para así interpretar los flujos
dinámicos de comunicaciones asociados. [CCN-STIC-400:2006]
Also called “dynamic packet
filtering,” it is a firewall capability that provides enhanced security by
keeping track of communications packets. Only incoming packets with a proper
response (“established connections”) are allowed through the firewall.
https://www.pcisecuritystandards.org/security_standards/glossary.php
"Packet filtering"
means using a firewall to examine where each packet comes from (by IP source
address), where it's going (IP destination), and what port it's using. This
information helps the firewall determine whether to allow or deny the packet's
passage through your network. In stateful inspection, the firewall also
examines more of the packet's delivery information and its conditions,
including what port the packet is using, and maintains a sense of context. For
example, a packet might arrive looking like a valid Reply packet, but if you
never issued a Request, through dynamic packet filtering the firewall can sense
that this is a spurious packet, and deny it.
http://www.watchguard.com/glossary/
A technology developed by
Check Point Software Technologies that accesses an analysis all data derived
from all communications layers. The state and context data is stored and
updated dynamically, providing virtual session information for tracking
connectionless protocols. The cumulative data are used to decide on a
appropriate action.
http://www.qtsnet.com/SecuritySolutions/security_glossary.html
Also referred to as dynamic
packet filtering. Stateful inspection is a firewall architecture that works at
the network layer. Unlike static packet filtering, which examines a packet
based on the information in its header, stateful inspection examines not just
the header information but also the contents of the packet up through the
application layer in order to determine more about the packet than just
information about its source and destination.
http://www.sans.org/security-resources/glossary-of-terms/
Également nommé
«filtrage des paquets dynamique». Capacité de pare-feu qui fournit une sécurité
renforcée en gardant la trace du statut des connexions de réseau. Programmé
pour distinguer les paquets légitimes pour diverses connexions, uniquement les paquets
contenant une connexion établie seront autorisés par le pare-feu, les autres
seront rejetés.