Hi everyone, Ed Amoroso here. And I want to talk to you about two different types of computing devices and ultimately two different kinds of firewalls, but think it's true just about any device. So we'll keep it general and then we'll hone in on how this works for a firewall. And the two types are ones that either have some ability to remember or not, and the thing we're going to remember is something that a computer scientist would refer to as a state. So a state is something you can think of as like a snapshot. If I want to freeze frame memory in a computer, or freeze frame something, some aspect of memory, just remember it, freeze it and use it in some subsequent state, then that's called being stateful. Like having the ability to capture and use state to have memory, to be able to count something, or say, I saw this before. To have that ability. In contrast, some devices don't do that. Some devices just have programmability that in some sense is referred to as being context-free. So imagine me as a guard in a building and I'm told, I say, listen, here's what you're going to do. When somebody comes in, you say, are you wearing a blue jacket? If they're not wearing a blue jacket, you send them off. If they are wearing a blue jacket, you let them in. Not wearing blue jacket, get lost. Wearing blue jacket, come in. So you're programmed to just look, blue jacket, you got it on, go ahead in. Blue jacket, okay, come in. Not wearing blue jacket, go off. Now let's say some guy, Bill, comes in and he's wearing the blue jacket. And you go, hi, Bill, blue jacket [SOUND], let's you in. And then Bill, for whatever reason realized that he left something, his coffee out on the street. So Bill tiptoes out, grabs his coffee, comes back and says, hi. And you go, wait! And you go, what? Now Bill, when he went inside, happened to take his blue jacket off. He says, well, I want to go back in. You go, well, sorry, you're not wearing a blue jacket. So you just let me in two seconds ago, don't you remember? I came in, I said hi, I'm wearing a blue jacket, I walked over there, went, forgot my coffee. Now I happened to take my jacket off, you're not letting me in? And you go no, I don't remember anything, all I do is you have a blue jacket in, you go in, no blue jacket, get lost. And see how crazy that is? But a lot of packet processing works that way. It's packet comes in, read what's in the packet, do something. Packet comes in, read what's in the packet, do something. No statefulness, no, like if I'm guessing passwords, you might have a game where you say, if you guess the password you're in, if you don't get the password, you're out. So you go, password, no good, sorry. Password, no good, sorry. Password, no good, sorry. You might do that a billion times. And that device never becomes suspicious that something might be going on, because it's not programmed to remember. Do you follow? This is foundational to cybersecurity. You are either making decisions that are stateful or stateless. And yes, we tend to talk about that in the context of firewalls. It's almost always talked about in the context of firewalls. But what I want you to do is generalize the notion, statefulness, statelessness, are properties of any device that's making any decision about certain types of things. And I like the idea of sort of context-free and context sensitive. Context-free, meaning make the decision, don't worry about what happened previously. Context sensitive, this is the fifth time you're getting a bad password to me, maybe something funny's going on. I'm taking into account the context in which I'm detecting something. These are foundational concepts of things that I want to make sure you understand. It's why I highlight these concepts in one video, like we sort of could have packed this with ten other things. But I really want to highlight that, because it's something that you want to have in mind as you're designing systems and particularly as you're designing firewalls. Now you'll see, that when we do think about firewalls, packet filtering, which we'll be doing a little bit, where we're investigating a packet and making decisions about it, will tend to be stateless. But a concept called a proxy, as we'll define in a subsequent discussion, will tend to be stateful. So as you move up the application stack, say in the OSI stack, things tend to be more stateful. As you move down they tend to be more stateless, but not perfect. And some of you may be cringing going, no, you can be stateful with layer two. And I agree, I'm just saying with the tendency is that as things get more intelligent, more application aware, tend to have more memory. So keep that in mind. Stateful, stateless, it'll help you design better cybersecurity systems. We'll see in the next video.
