SRX

 View Only
last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  Stateful inspection

    Posted 05-12-2017 10:30

    Stateful firewalls keep track of session state ..

    would you please explain what is keep track of session states and how it help the security aminstrator 


    #SRXFirewall


  • 2.  RE: Stateful inspection
    Best Answer

    Posted 05-12-2017 11:34

    Hi,

     

    Talking about this from SRX perspective :-

     

    • SRX keeps the information about the state of a connection in its state table.
    • The state table basically will hve information about Source IP/Port, Destination IP/Port, interfaces and flags for a tcp connection.
    • If a connection matches an already existing session, it is forwarded using Fast Path.
    • If a connection does not match an existing session, it uses First Path where all this information is recorded in the session table so that whenever a reply or a new request comes with the same parameters, it matches that session.

    Another Example :-

     

    • In case of a tcp connection,the SRX would have information about the flags of the packets.
    • It would not allow any packet other than the expected one.
    • Ex - For a tcp connection, the 3 way handshake should be completed in proper sequence, SYN, SYN-ACK and then ACK for any further communication to take place.

    Hope this helps.

     

    Regards,

    Sahil Sharma

    Please mark my response as Solution if it Helps, Kudos are Appreciated as well.