Stateful inspection firewalls monitor the state of active connections and use this information to determine which network packets to allow through the firewall.
This is in contrast to static packet filtering where only the headers of packets are checked. Attackers can exploit this property of static filters to sometimes get information through the firewall by doing something like indicating "reply" in the header.
Stateful inspection, on the other hand, analyzes packets all the way down to the application layer of the OSI model. Stateful inspection can monitor communications packets over a period of time and examine both incoming and outgoing packets. Outgoing packets that request specific types of incoming packets are tracked and only incoming packets that are proper responses are allowed through the firewall.
In a firewall that uses stateful inspection, the network administrator can set the parameters to meet specific needs, for example ports can be closed unless an incoming packet requests connection to a specific port and then only that port is opened. This practice prevents port scanning, a well-known hacking technique.
Firewalls perform a simple form of "stateful inspection" of the packets that flow through them.
Stateful Inspection. A stateful inspection firewall uses a technique known as stateful packet filtering to keep track of communication channels. This is different when compared to basic firewalls. Once the packet and connection has been sent, a normal firewall will not remember the communication channel, whereas the stateful inspection firewall will. This also proves useful to protect connectionless communication protocols.
All routers provide good hardware firewalls using stateful packet inspection (SPI), but Buffalo routers are excellent in this regard.
cisco
Stateful inspection works at Network Layer . Many Thanks, Chinmoy Roy
Yes it offers the staeful inspection.
Stateful packet inspection
Stateful firewalls use session-based rules to control traffic. The disadvantage of a stateful firewall is that it can be vulnerable to Denial of Service (DoS) attacks if a lot of new connections are opened very fast.
dynamic state tables
logs stateful inspection
Difference between Checkpoint and Juniper Firewalls: Juniper follows two-tier architecture whereas Checkpoint follows three-tier architecture. Juniper uses the concept of Deep inspection process where as the checkpoint uses the stateful inspection process. Juniper uses the concept of Zones whereas Checkpoint do not use.
Stateful packet inspection