Network Security
Stateful Firewall
Also known as: Stateful inspection firewall
Definition
A firewall that tracks the state of active connections in a connection table and allows return traffic that matches an established session.
Examples
- A Linux iptables ruleset using conntrack to permit ESTABLISHED,RELATED return traffic.
- A Cisco ASA tracking outbound HTTP flows so responses are allowed back automatically.
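Worked example
A minimal model of the connection table described in the definition, added here as an illustration and not taken from any firewall product. The class name, the 10.x inside network, the 60-second idle timeout and the sample packets are constructed assumptions.

```python
from dataclasses import dataclass, field

INSIDE_PREFIX = "10."   # assumption: 10.0.0.0/8 is the trusted inside network
IDLE_TIMEOUT = 60.0     # seconds; constructed value, real devices use per-protocol timers

@dataclass
class StatefulFirewall:
    # Connection table: 5-tuple as sent by the initiator -> time last seen
    table: dict = field(default_factory=dict)

    def handle(self, proto, src, sport, dst, dport, flags, now):
        """Return 'ALLOW' or 'DROP' for one packet and update the table."""
        # Age out idle entries so stale state cannot admit late packets.
        for key in [k for k, seen in self.table.items() if now - seen > IDLE_TIMEOUT]:
            del self.table[key]
        fwd = (proto, src, sport, dst, dport)
        rev = (proto, dst, dport, src, sport)   # same flow, opposite direction
        key = fwd if fwd in self.table else rev if rev in self.table else None
        if key is not None:                     # packet belongs to a tracked session
            if "R" in flags:
                del self.table[key]             # RST tears the session down
            else:
                self.table[key] = now
            return "ALLOW"
        # No matching state: only the inside may open a flow, and TCP must start with SYN.
        if src.startswith(INSIDE_PREFIX) and (proto != "tcp" or flags == "S"):
            self.table[fwd] = now
            return "ALLOW"
        return "DROP"

# Constructed packets: (proto, src, sport, dst, dport, TCP flags, timestamp)
SAMPLE = [
    ("tcp", "10.0.0.5", 40000, "203.0.113.10", 80, "S", 0.0),     # outbound SYN
    ("tcp", "203.0.113.10", 80, "10.0.0.5", 40000, "SA", 0.1),    # matching reply
    ("tcp", "203.0.113.10", 80, "10.0.0.5", 40001, "SA", 0.2),    # wrong port
    ("tcp", "198.51.100.7", 80, "10.0.0.5", 40000, "A", 0.3),     # wrong remote host
    ("tcp", "10.0.0.5", 40002, "203.0.113.10", 80, "A", 0.4),     # mid-stream, no state
    ("tcp", "203.0.113.10", 80, "10.0.0.5", 40000, "A", 100.0),   # after idle timeout
]

def replay(packets=SAMPLE):
    fw = StatefulFirewall()
    return [fw.handle(*p) for p in packets]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, replay()):
        print(verdict, pkt)
```

A stateless rule that simply permits inbound TCP from source port 80 would admit the third, fourth and sixth packets; the table lookup is what rejects them.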
Related terms
Firewall
A network security device or software that monitors and controls inbound and outbound traffic based on a defined ruleset, separating trusted from untrusted networks.
Stateless Firewall
A firewall that evaluates each packet independently against static rules, without tracking the state of connections.
Packet Filtering
A network-security technique that inspects each packet's header fields and allows or drops it based on a static ruleset.
Next-Generation Firewall (NGFW)
An advanced firewall that combines stateful inspection with application awareness, integrated IPS, user-identity controls, and TLS inspection to enforce richer policies.
SYN Flood
A TCP-based denial-of-service attack that sends many SYN packets without completing the three-way handshake, exhausting the target's connection-state resources.
Deep Packet Inspection (DPI)
An inspection technique that examines the full payload of network packets — not just headers — to identify applications, content, and threats.