Hi,
Thanks very much for the answer.
Would you pl refer this doc ?
http://www.sofaware.com/html/tech_stateful.shtm
It's table (page 2 of 8)makes me beleive that the stateful inspection does Application derived state+Information manipulation which is done actually by an application filter.Right??
Again the defenition in page 4 of 8 says "stateful inspection extracts state-related information required for security decision from all application layers and maintain this information in dynamic state table for evaluating subsequent connection attempts."
Could you pl clarify ???
Thanks
Ricky
-----Original Message-----
From: Shimon Silberschlag [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, May 22, 2002 11:18 AM
To: Raj Baby; [EMAIL PROTECTED]
Subject: Re: question
The "security servers" (using CP terminology) can be considered
application level gateways. This is why many think of CP as a hybrid
firewall, as opposed to doing stateful inspection only.
You can't do stuff like the PUT/GET you describe without going to
layer 7 - checking the packet payload.
HTH,
Shimon Silberschlag
+972-3-9352785
+972-51-207130
----- Original Message -----
From: "Raj Baby" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, May 22, 2002 15:48
Subject: question
> Hi,
>
> If i configure firewall 1 in windows NT using rule base editor,is it
going to be a stateful inspection??
>
>
> If that is the case ,then why is content filtering used for
application filtering like restricting an FTP GET or allowing an FTP
PUT??
>
>
> I mean to say that is to be taken care by stateful inspection
Right??)
>
> Help is greatly appreciated by a NOVICE in checkpt
>
> Thanks,
> Ricky (Baby Raj P)
> Computer Associates International, Inc
> Technology Consultant / NT Storage
> Tel: +1 866-422-2774
> E-Mail: [EMAIL PROTECTED]
>
>
> _______________________________________________
> Firewalls mailing list
> [EMAIL PROTECTED]
> For Account Management (unsubscribe, get/change password, etc)
Please go to:
> http://lists.gnac.net/mailman/listinfo/firewalls
