Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
henockk
New Contributor

Statefull Firewall

Dear all

 

I am new to Firewall Technologies and I want to ask Regardless of statefull Firewall feature. A statefull firewall maintains the tcp state and knows a user session so why do we need to allow a user to allow in both direction incoming and outgoing for same traffic if the state is already known when the user requests the session is known and the firewall knows for the returning also 

Henock Kebede
1 Solution
Yurisk
Valued Contributor

That is the point of stateful inspection - you don't need to allow user/whoever the returning traffic. The stateful firewall takes care of matching returning packets to the existing outgoing connection. 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.

View solution in original post

1 REPLY 1
Yurisk
Valued Contributor

That is the point of stateful inspection - you don't need to allow user/whoever the returning traffic. The stateful firewall takes care of matching returning packets to the existing outgoing connection. 

Yuri
https://yurisk.info/ blog: All things Fortinet, no ads.


All opinions are mine only.