Stateful Inspection Firewall – a technology that controls the flow of traffic between two or more networks. SI firewalls track the state of sessions and drop packets that are not part of a session allowed by a pre-defined security policy. This is sometimes called session-level protection because these firewalls keep state information for each network session and make allow/deny decisions based on a session state table.
SI firewalls go beyond individual Transmission Control Protocol (TCP) connections, because a single session can involve many such connections. Session-level firewalls support dynamic protocols by identifying port change instructions in client-server communication and comparing future sessions against these negotiated ports. For instance, to track File Transfer Protocol (FTP) sessions, the firewall inspects the control connection, which is used for issuing commands and negotiating dynamic ports, and then allows in the various data connections used for transferring files.
Because session-level protection provides all the benefits of packet-level protection without the limitations, it renders packet-level protection unnecessary for most networks.
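The FTP tracking described above can be sketched as a small state-table model. This is an added example, not code from any firewall product; the class and method names, the addresses and the control-channel lines are constructed for illustration.

```python
import re

# Six comma-separated octets: h1,h2,h3,h4,p1,p2 (port = p1*256 + p2)
SIX = r"(\d+),(\d+),(\d+),(\d+),(\d+),(\d+)"
PORT_RE = re.compile(r"^PORT " + SIX + r"\s*$")   # client -> server (active mode)
PASV_RE = re.compile(r"^227 .*\(" + SIX + r"\)")  # server -> client (passive mode)

class StatefulFirewall:
    def __init__(self, policy):
        self.policy = set(policy)  # (dst_ip, dst_port) pairs the policy allows
        self.sessions = set()      # state table: (src, sport, dst, dport)
        self.expected = set()      # negotiated data sessions: (src, dst, dport)

    def new_connection(self, src, sport, dst, dport):
        """Verdict for a connection attempt (TCP SYN)."""
        negotiated = (src, dst, dport) in self.expected
        if (dst, dport) not in self.policy and not negotiated:
            return "drop"
        self.expected.discard((src, dst, dport))  # an expectation is single-use
        self.sessions.add((src, sport, dst, dport))
        return "allow"

    def inspect_control(self, session, sender, line):
        """Parse one FTP control-channel line; record any negotiated data port."""
        if session not in self.sessions:
            return False
        client, _, server, _ = session
        m = (PORT_RE if sender == client else PASV_RE).match(line)
        if not m:
            return False
        nums = [int(g) for g in m.groups()]
        ip, port = ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]
        if max(nums) > 255 or ip != sender:
            return False           # only the sender's own address is accepted
        peer = server if sender == client else client
        self.expected.add((peer, ip, port))
        return True

def demo():
    # Constructed addresses (documentation ranges) and control-channel lines.
    c, s = "198.51.100.5", "203.0.113.10"
    fw = StatefulFirewall({(s, 21)})
    ctrl = (c, 40000, s, 21)
    out = [fw.new_connection(*ctrl)]                   # control session
    out.append(fw.new_connection(c, 40001, s, 50000))  # not negotiated yet
    fw.inspect_control(ctrl, s, "227 Entering Passive Mode (203,0,113,10,195,80)")
    out.append(fw.new_connection(c, 40001, s, 50000))  # negotiated data port
    fw.inspect_control(ctrl, c, "PORT 198,51,100,5,156,65")
    out.append(fw.new_connection(s, 20, c, 40001))     # active-mode data
    return out

if __name__ == "__main__":
    print(demo())
```

The policy only ever lists port 21; the data connections are admitted solely because the control session negotiated them, and each negotiated entry is consumed on first use.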