Check Point FireWall-1 is a software firewall product that uses Stateful
Inspection Technology, which was invented and patented by Check Point.
FireWall-1 inspects all packets passing between networks connected to the
product, blocking all unwanted communication attempts. It supports the
comple-te TCP/IP family of protocols.
The packet inspection is based on information contained in protocol
headers and the state information derived from one or more associated packets.
FireWall-1 can therefore be configured not only to in-spect individual
IP packets based on the IP header information, such as source and destination
IP ad-dresses, but also to examine state information in multiple IP packets.
FireWall-1 provides IP address translation that permits selected internal
network addresses to be hidden from the external network so that only the
internal network hosts are able to initiate communica-tions. FireWall-1
also provides source and destination address translation, to overcome the
limitation of the number of IP addresses on the Internet.
FireWall-1 may be configured to operate connected to one external (public
or unprotected) network and up to 31 physical internal (protected) networks.
FireWall-1 is managed locally via a workstation or con-sole directly connected
to the firewall.