At 7:00 PM -0500 3/13/02, John Green wrote:
>another one:
>
>"firewall provides filtering at the packet, circuit,
>and application layer"
>
>packet level would be filtering based on Source,
>Destination IP address.
>Application layer filtering would be specific to the
>application like ftp or smtp where filter rules would
>examine deeper into the packets right into data part
>for things like get/put for FTP filtering.
>
>what would be circuit level filtering ?

TCP, or the imposition of a pseudo-circuit on UDP flows. SSL, etc., sometimes are considered at this level, and an argument could be made for IPsec when the firewall is trusted.

>--- Kent Hundley wrote:
>> As far as I can tell, it means essentially nothing.
>> All SPI is by definition, "multi layer" since it tracks
>> at least both layer 3 and layer 4.

Agreed. For that matter, people forget that almost all NAT is at least layer 3-4 because it has to recalculate the TCP and UDP checksums, since they are based in part on the IP header.

>> It looks like a term added to SPI to make it sound
>> like it's looking at more "layers". It's probably a
>> term cooked up by the marketing departments of
>> SPI firewall vendors.
>>
>> You see things like this a lot, especially in the
>> security product arena. Companies invent terms to
>> make their technology sound new or unique when
>> they are neither.
>>
>> Regards,
>> Kent
>>
>> -----Original Message-----
>> From: [EMAIL PROTECTED]
>> [mailto:[EMAIL PROTECTED]]On Behalf Of John Green
>> Sent: Thursday, February 28, 2002 9:13 AM
>> To: [EMAIL PROTECTED]
>> Subject: question about stateful inspection [7:36817]
>>
>> what is multilayer stateful inspection ?
>>
>> stateful inspection is understood fine. but what does
>> the prefix multilayer denote or mean ?
>>
>> state refers to the state of a session information
>> that is temporarily kept in a state table for open
>> connections and is wiped or erased when the session
>> ends. BUT what does multilayer mean here ?

--
"What Problem are you trying to solve?"
***send Cisco questions to the list, so all can benefit -- not directly to me***

Howard C. Berkowitz [EMAIL PROTECTED]
Chief Technology Officer, GettLab/Gett Communications http://www.gettlabs.com
Technical Director, CertificationZone.com http://www.certificationzone.com
"retired" Certified Cisco Systems Instructor (CID) #93005

Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=38166&t=38163
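The NAT remark in the reply above, worked through as an added example that is not part of the original thread: the TCP checksum covers a pseudo-header containing the IP addresses, so rewriting the source address invalidates it unless the translator fixes it up. The addresses, ports, payload and function names are constructed for illustration.

```python
import socket
import struct

def ones_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """The IP-derived fields that TCP folds into its own checksum."""
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, socket.IPPROTO_TCP, tcp_len))

def build_segment(checksum: int = 0) -> bytes:
    """Constructed sample: 20-byte TCP header (PSH|ACK) plus a short payload."""
    header = struct.pack("!HHIIBBHHH", 40000, 80, 1000, 2000,
                         5 << 4, 0x18, 8192, checksum, 0)
    return header + b"GET / HTTP/1.0\r\n\r\n"

def tcp_checksum(src: str, dst: str) -> int:
    """Sender side: checksum field is zero while the sum is taken."""
    seg = build_segment(0)
    return ~ones_sum(pseudo_header(src, dst, len(seg)) + seg) & 0xFFFF

def verifies(src: str, dst: str, checksum: int) -> bool:
    """Receiver side: summing everything, checksum included, gives 0xFFFF."""
    seg = build_segment(checksum)
    return ones_sum(pseudo_header(src, dst, len(seg)) + seg) == 0xFFFF

def nat_fixup(old_checksum: int, old_ip: str, new_ip: str) -> int:
    """Incremental update, RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m')."""
    total = ~old_checksum & 0xFFFF
    old_words = struct.unpack("!2H", socket.inet_aton(old_ip))
    new_words = struct.unpack("!2H", socket.inet_aton(new_ip))
    for m, m_new in zip(old_words, new_words):
        total += (~m & 0xFFFF) + m_new
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

# Constructed addresses: private inside host, documentation-range outside/server.
INSIDE, OUTSIDE, SERVER = "10.0.0.5", "203.0.113.7", "198.51.100.10"

if __name__ == "__main__":
    sent = tcp_checksum(INSIDE, SERVER)
    print("valid before NAT:      ", verifies(INSIDE, SERVER, sent))
    print("valid after IP rewrite:", verifies(OUTSIDE, SERVER, sent))
    fixed = nat_fixup(sent, INSIDE, OUTSIDE)
    print("valid after L4 fix-up: ", verifies(OUTSIDE, SERVER, fixed))
```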

