Re: [fw-wiz] State of security technology for the enterprise



Paul D. Robertson wrote:
"Deep packet inspection" has been on the market as such for a number of years as the challengers to "stateful packet inspection"

...And nobody has ever done an adequate job of explaining what is
stateful about SPI or particularly "deep" about DPI. As one of those
obnoxious guys who always did everything at Layer 7, it seems more
like an argument about who's the tallest kid in the shallow end of
the pool.

mjr.
--
Marcus J. Ranum CSO, Tenable Network Security, Inc.
http://www.tenablesecurity.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards



Relevant Pages

  • Re: Linksys BEFSR41 and SPI
    ... > Does the BEFSR41 do Stateful Packet Inspection or not? ... > that the Linksys routers used to do SPI, but Linksys removed the feature. ...
    (comp.security.firewalls)
  • Re: Why does passive FTP work behind router/firewall?
    ... but afaict your router has SPI ... > FTP outgoing packets with port information and PASV data transfer ... > requests and to subsequently open relevant prots on the router. ... Stateful Packet Inspection is another means of stopping unsolicted ...
    (comp.security.firewalls)
  • Re: Why does passive FTP work behind router/firewall?
    ... > this means that it is smart enough to recognize an FTP session ... As far as I understood, SPI is a firewall feature, which prevents ... When the SPI (Stateful Packet Inspection) feature is turned on, ...
    (comp.security.firewalls)
  • Re: Linksys SPI
    ... I didn't know that SPI was stateful packet inspection (on ... I doubt that these cheap routers can actually perform ... "true" spi, but hey I thought that it was worth a shot, so I enabled it. ... it shouldn't disable or enable the NAT firewall. ...
    (comp.security.firewalls)
  • Re: SPI?
    ... >> That is incorrect in this context. ... Does the router do Stateful packet inspection? ... > So I would guess that SPI doesn't stand for Stateful packet inspection - Not ...
    (comp.security.firewalls)