1.
Is this an established connection?
If the arriving packet is part of an existing connection, the Adaptive Security Algorithm does not
reexamine the packet, and matching packets in the established connection table can go through the fast
path in both directions. The fast path is responsible for performing the following checks:
IP checksum verification
Session lookup
TCP sequence number check
NAT translations based on existing sessions
Layer 3 and Layer 4 header adjustments
In some instances, established session packets must continue to go through the session management
2.
path or the control plane path for protocols that require Layer 7 inspection. For example, HTTP packets
requiring content filtering need to go through the session management path.
Application Layer Protocol Inspection
In addition to the stateful-inspection previously discussed, the Adaptive Security Algorithm is enhanced with
powerful capabilities and is built with application-layer intelligence that assists in detecting and preventing
protocol and application-layer attacks. It performs deep packet inspection of application-layer protocol traffic
(such as HTTP) by checking the packet IP header and the payload contents.
Pages:
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261