View Only
last person joined: 2 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Stateful inspection

    Posted 05-12-2017 10:30

    Stateful firewalls keep track of session state ..

    would you please explain what is keep track of session states and how it help the security aminstrator 


  • 2.  RE: Stateful inspection
    Best Answer

    Posted 05-12-2017 11:34



    Talking about this from SRX perspective :-


    • SRX keeps the information about the state of a connection in its state table.
    • The state table basically will hve information about Source IP/Port, Destination IP/Port, interfaces and flags for a tcp connection.
    • If a connection matches an already existing session, it is forwarded using Fast Path.
    • If a connection does not match an existing session, it uses First Path where all this information is recorded in the session table so that whenever a reply or a new request comes with the same parameters, it matches that session.

    Another Example :-


    • In case of a tcp connection,the SRX would have information about the flags of the packets.
    • It would not allow any packet other than the expected one.
    • Ex - For a tcp connection, the 3 way handshake should be completed in proper sequence, SYN, SYN-ACK and then ACK for any further communication to take place.

    Hope this helps.



    Sahil Sharma

    Please mark my response as Solution if it Helps, Kudos are Appreciated as well.