fbpx

Mimomax Tornado radios have a stateful lockout-protected firewall (offering a far more rigorous approach to network security than Stateless Firewalls) which is configurable from every radio’s User Interface. The firewall supports L2 and L3 modes and defines independent zones of access and also policies of how traffic will be treated if rules have not been defined.

 

Stateful vs Stateless Firewalls

 

A Stateful Firewall is designed to inspect every aspect of the data packets trying to access the network – not only the content and characteristics of the data but also the channels of communication.

  • By closely examining the behavior of data packets (including tracking patterns), a stateful firewall can immediately identify any suspicious packets as a threat.
  • Collecting such a huge amount of data points about the packets traversing the network allows the firewall to create profiles of so-called “safe” connections.
  • Subsequently, when a connection is attempted, the firewall can check it against the list of “safe” attributes, allowing ingress for those that match the safe attributes and discarding those packets which do not match.

In comparison, a Stateless Firewall uses a predefined set of clear rules about the attributes of data packets which are considered “safe.

  • These predefined rules will either be set by a network administrator or will have been loaded by the manufacturer prior to deployment.
  • At the point a connection is attempted, if the packet matches this set of rules, it will be considered to be “safe” and will be granted entry.
  • If a packet fails to match the predefined rules, access will be denied.

 

The key difference between Stateful and Stateless is that in the latter, the traffic is only “classified”, not fully inspected as with a Stateful Firewall.  For these reasons, Stateful Firewalls offer far more rigorous network protection than Stateless Firewalls.

Note: This is a high level overview of the difference between Stateful and Stateless firewalls.  More technical, non-vendor related information can be found on sites such as Wikipedia.