A TCP session is often called a virtual circuit. A virtual circuit is
identified by the source and destination IP addresses and also the source
and destination TCP ports. Maybe that's what they are referring to.
Filtering on those would be a good way to isolate a single session.
(Although be c
another one:
"firewall provides filtering at the packet, circuit,
and application layer"
packet level would be filtering based on Source,
Destination IP address.
Application layer filtering would be specific to the
application like ftp or smtp where filter rules would
examine deeper into the pa
: Thursday, February 28, 2002 1:00 PM
To: [EMAIL PROTECTED]
Subject: Re: question about stateful inspection [7:36817]
Well...if stateful inspection is used at layer three..then the device
utilizing this function is keeping track of the session flowing through...
I would think that stateful inspect
As far as I can tell, it means essentially nothing. All SPI is by
definition, "multi layer" since it tracks at least both layer 3 and layer 4.
It looks like a term added to SPI to make it sound like its looking at more
"layers". It's probably a term cooked up by the marketing departments of
SPI
Well...if stateful inspection is used at layer three..then the device
utilizing this function is keeping track of the session flowing through...
I would think that stateful inspection at the application layer would be
doing the same...(at leastmaybe even extra stuff)
So if you have an smtp s
I think it means the ability to check other layers such as 4-7. For
example, the ability to check http or SMTP commands.
--
RFC 1149 Compliant
""John Green"" wrote in message
news:[EMAIL PROTECTED].;
> what is multilayer stateful inspection ?
>
> stateful inspection is understood fine. but wh
6 matches
Mail list logo