A TCP session is often called a virtual circuit. A virtual circuit is identified by the source and destination IP addresses and also the source and destination TCP ports. Maybe that's what they are referring to. Filtering on those would be a good way to isolate a single session. (Although be careful with FTP which opens two virtual circuits, one for data and one for control.)
Priscilla At 05:02 PM 3/13/02, John Green wrote: >another one: > >"firewall provides filtering at the packet, circuit, >and application layer" > >packet level would be filtering based on Source, >Destination IP address. >Application layer filtering would be specific to the >application like ftp or smtp where filter rules would >examine deeper into the packets right into data part >for things like get/put for FTP filtering. > >what would be circuit level filtering ? > > > >--- Kent Hundley wrote: > > As far as I can tell, it means essentially nothing. > > All SPI is by > > definition, "multi layer" since it tracks at least > > both layer 3 and layer 4. > > It looks like a term added to SPI to make it sound > > like its looking at more > > "layers". It's probably a term cooked up by the > > marketing departments of > > SPI firewall vendors. > > > > You see things like this a lot, especially in the > > security product arena. > > Companies invent terms to make their technology > > sound new or unique when > > they are neither. > > > > Regards, > > Kent > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On Behalf Of > > John Green > > Sent: Thursday, February 28, 2002 9:13 AM > > To: [EMAIL PROTECTED] > > Subject: question about stateful inspection > > [7:36817] > > > > > > what is multilayer stateful inspection ? > > > > stateful inspection is understood fine. but what > > does > > the prefix multilayer denote or mean ? > > > > state refers to the state of a session information > > that is temporarily kept in a state table for open > > connections and is wiped or erased when the session > > ends. BUT what does multilayer mean here ? > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! Greetings - Send FREE e-cards for every > > occasion! > > http://greetings.yahoo.com > > [EMAIL PROTECTED] > > > > >__________________________________________________ >Do You Yahoo!? >Try FREE Yahoo! Mail - the world's greatest free email! >http://mail.yahoo.com/ ________________________ Priscilla Oppenheimer http://www.priscilla.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38179&t=36817 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
