- CCNA Security 210-260 Certification Guide
- Glen D. Singh Michael Vinod Vijay Anandh
- 132 words
- 2025-02-22 12:45:06
Circuit-level gateway firewall/stateful firewall
This is also known as a transparent proxy firewall. The word stateless indicates that the firewall checks each packet against the matching criteria and, if it matches, forwards the traffic; the return traffic is then inspected again as a separate packet.
For example, assume web traffic is going from host A to server B. If the firewall allows this traffic, it passes through. However, the return traffic, that is, from server B to host A, is verified again on the outbound interface of the firewall. If the firewall has a policy to block this traffic, the return traffic is dropped. This might not be proper policy enforcement on the firewall.
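The host A to server B case above, as an added sketch that is not from the book: a stateless filter and a stateful one apply the same constructed policy to a request, its reply, and an unsolicited packet. The addresses, ports, default-deny policy, the `reverse_rule` option and the 4-tuple flow table are assumptions of this example; a real stateful firewall also tracks protocol state and timeouts.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def rule_allows(pkt: Packet) -> bool:
    # Constructed policy: inside hosts (10.0.0.x) may reach web servers on port 80.
    # Everything else is denied by default (an assumption of this sketch).
    return pkt.src.startswith("10.0.0.") and pkt.dport == 80

class StatelessFilter:
    """Judges every packet on its own, so a reply is just another packet."""
    def __init__(self, reverse_rule: bool = False):
        # Static "permit anything sourced from port 80" rule for return traffic.
        self.reverse_rule = reverse_rule

    def permit(self, pkt: Packet) -> bool:
        return rule_allows(pkt) or (self.reverse_rule and pkt.sport == 80)

class StatefulFilter:
    """Records flows the policy allowed and permits only their replies."""
    def __init__(self):
        self.flows = set()

    def permit(self, pkt: Packet) -> bool:
        if rule_allows(pkt):
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # A reply is a recorded flow with source and destination swapped.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows

def run(fw) -> list:
    request = Packet("10.0.0.5", 49152, "203.0.113.10", 80)      # host A -> server B
    reply = Packet("203.0.113.10", 80, "10.0.0.5", 49152)        # server B -> host A
    unsolicited = Packet("203.0.113.10", 80, "10.0.0.5", 50000)  # no request preceded it
    return [fw.permit(p) for p in (request, reply, unsolicited)]

if __name__ == "__main__":
    print("stateless, no reverse rule:", run(StatelessFilter()))
    print("stateless, reverse rule:   ", run(StatelessFilter(reverse_rule=True)))
    print("stateful:                  ", run(StatefulFilter()))
```

Each result lists the verdicts for the request, the reply and the unsolicited packet in that order. The static reverse rule rescues the reply only by also admitting the unsolicited packet, while the flow table admits the reply alone.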
An example of a stateful firewall is Cisco Adaptive Security Appliance (Cisco ASA):
