Register now or log in to join your professional community.
Stateful is a type of firewall that inspects packets as they flow through it, allowing established connections to continue whilst denying packets that are not associated with an established connection. Stateful firewalls inspect the packets at all levels.
A stateless firewall is one that is statically configured to permit or deny specific IP traffic based simply on its source and/or destination ip address and/or port number. It does not look any deeper into the packet. Adding access lists to a router is like having a stateless firewall.
A stateful firewall will protect your network with very little configuration out of the box. It will implicitly deny unsolicited inbound packets but it will permit them if the session was initiated from the protected network. That's the beauty of it -- it knows the difference.
A stateless firewall has no real concept of inside/outside or protected/unprotected. You have to specify exactly what traffic will be permitted and denied, sometimes on each interface.