The Access List decided to permit or block the traffic based on the following 5-Fields:
1. Source IP-AddressIn the late nineties the idea of Stateful Firewalls was introduced. As you know, when two hosts communicate, they keep sending and receiving packets. So in the case of Access List, two rules have to be added in both directions for those hosts to be able to communicate. But Stateful Firewalls on the other hand are smarter than this. They keep track of the Session, and that's why in Stateful Firewalls you only have to create one rule from the Client to the Server, traffic from the Server to the Client will be treated as a part of the session, and that's why you won't need to add an extra rule in such direction.
2. Destination IP-Address
3. Protocol (TCP, UDP, ICMP, etc.)
4. Source Port
5. Destination Port
Stateful Firewalls are also more secure than Access Lists, as packets that doesn't belong to an active session will be dropped. The presence of Session Table in Stateful Firewalls improves their performance as they only need to check the rules in the first packet of the session.
1. Please tell me if the subject is not clear enough, or if you feel that I have to write more details in order to clarify it.
2. You can read more about Stateful Firewalls here and here.
Tags: Firewalls, Security, Gr33n Data