The "security servers" (using CP terminology) can be considered application level gateways. This is why many think of CP as a hybrid firewall, as opposed to doing stateful inspection only. You can't do stuff like the PUT/GET you describe without going to layer 7 - checking the packet payload.
HTH, Shimon Silberschlag +972-3-9352785 +972-51-207130 ----- Original Message ----- From: "Raj Baby" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, May 22, 2002 15:48 Subject: question > Hi, > > If i configure firewall 1 in windows NT using rule base editor,is it going to be a stateful inspection?? > > > If that is the case ,then why is content filtering used for application filtering like restricting an FTP GET or allowing an FTP PUT?? > > > I mean to say that is to be taken care by stateful inspection Right??) > > Help is greatly appreciated by a NOVICE in checkpt > > Thanks, > Ricky (Baby Raj P) > Computer Associates International, Inc > Technology Consultant / NT Storage > Tel: +1 866-422-2774 > E-Mail: [EMAIL PROTECTED] > > > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > For Account Management (unsubscribe, get/change password, etc) Please go to: > http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
