Skip to Main Content
Network Security First-Step, Second Edition
book

Network Security First-Step, Second Edition

by Thomas M. Thomas, Donald Stoddard
December 2011
Beginner content levelBeginner
552 pages
13h 30m
English
Cisco Press
Content preview from Network Security First-Step, Second Edition

Stateful Packet Inspection

This section discusses the more advanced technique of packet inspection: Stateful Packet Inspection (SPI). To understand how SPI operates, you must briefly review the TCP/IP model.

Note

Many people are confused about the relationship between the OSI reference model and the TCP/IP model—simply put, the use of OSI is a reference for developers whereas, in education, functionally TCP/IP is used. Therefore, you must use the TCP/IP model when inspecting packets.

Figure 5-5 shows the five layers of the TCP/IP model. The stateful inspection component is concerned with how TCP (Layer 4—transport) makes connections. Tracking the state of the TCP connection is done via Layer 4 of the TCP/IP model.

Figure 5-5 TCP/IP Model

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Network Security Auditing

Network Security Auditing

Chris Jackson - CCIE No. 6256
Security and Privacy in Cyber-Physical Systems

Security and Privacy in Cyber-Physical Systems

Houbing Song, Glenn A. Fink, Sabina Jeschke

Publisher Resources

ISBN: 9781587204142Purchase book