Home > Articles > Computer Terms & Definitions > Computer Systems > Computer Hardware

What Is Stateful Packet Inspection?

What Is Stateful Packet Inspection

Date First Published: 17th March 2024

Topic: Computer Systems

Subtopic: Computer Hardware

Article Type: Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 7/10

Learn about what stateful packet inspection in this article.

Stateful packet inspection (SPI) is a firewall technology used to determine which packets to allow through the firewall. It filters packets based on state and context. The state of the connection is specified in session packets and the context includes information, such as source and destination IP addresses and ports, sequence numbers, and other types of metadata. Keeping track of the state of network connections allows the device to filter unwanted or harmful network traffic.

How Does Stateful Inspection Work?

Stateful inspection checks both incoming and outgoing communications packets while keeping an eye on them throughout time. The firewall monitors outgoing packets that make requests for particular kinds of incoming packets, and it allows incoming packets to go through if they include the right kind of response.

For example, when the protocol is TCP, the firewall records the status and context of a packet and compares it with the session data that is already in place. The packet passes through the firewall if there is already a matched entry. The packet needs to go through certain policy checks if no match is detected. At that point, the firewall assumes the packet is for a new connection if it fulfils the policy requirements, in which case it records the session data in the relevant tables.

Advantages and Disadvantages Of Stateful Inspection

The advantages of stateful inspection are:
  • It offers a lot of control over what content is let in or out of the network.
  • It does not need to open several ports to allow traffic in or out.
  • It provides advanced logging capabilities.
The disadvantages of stateful inspection are:
  • It is resource-intensive and interferes with the speed of network communications.
  • Compared to other firewall options, it is more expensive.
  • It does not provide authentication to validate traffic sources that are not spoofed.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments


What Is Computerhelp4all?

  • Computerhelp4all is a site with articles for everyone about the topic of computing, as suggested in the name '4all'.


Featured Articles

Featured Quizzes

Topics

Computer Networking Cybersecurity Computer Systems Web Design & Development

Subtopics

Network Services Network Setups Network Standards Network Hardware Network Identifiers Network Software Internet Protocols Internet Organisations Data Transmission Technologies Web Development Web Design Web Advertising Web Applications Web Organisations Web Technologies Web Services SEO Threats To Systems, Data & Information Security Mechanisms & Technologies Computer Hardware Computer Software Ethics & Sustainability Legislation & User Data Protection

Activities

Wordsearches Unscramble Words Knowledge Questions

Difficulty

Easy articles Medium articles Advanced articles

Follow Computerhelp4all


Facebook Logo
RSS Logo
YouTube Logo

Search



Related Articles





© 2022-2024 Computerhelp4all | Home | About | Privacy Policy | Cookie Policy | Terms of Use | Facebook | Twitter | RSS Feeds | YouTube