During the Check Point Stateful Inspection Process, what happens to packets that do not pass Firewall Kernel Inspection?

In the Check Point Stateful Inspection Process, when a packet does not pass the Firewall Kernel Inspection, it is classified as potentially harmful or non-compliant with the established security policies. Consequently, the packet is dropped, meaning it is not allowed to proceed further in the network.

When a packet is dropped due to failing inspection, it generates a negative acknowledgment back to the sender. This serves as an indication that the packet was not accepted, allowing for protocol management and ensuring that the sender is aware that their packet did not make it to the intended destination. Negative acknowledgments are crucial for certain connection-oriented protocols, as they prompt the sender to take corrective actions, like retransmitting the packet.

While logs may be kept for various events and actions within the firewall, in this specific scenario, the emphasis is on the fact that the packet is dropped with a negative acknowledgment. This provides feedback to the sender about the status of their transmission, enhancing overall network communication integrity and security.