TCP and UDP

As you know, Transmission Control Protocol (TCP) is a connection-oriented protocol, which allows PIX's Adaptive Security Algorithm (ASA) to monitor the state of a TCP session that is established through it. When a packet is sent through the PIX, PIX creates a dynamic entry for the connection that constantly watches the state of that connection and checks all the return packets against that entry.

Because User Datagram Protocol (UDP) is a connectionless protocol, it is more difficult to secure. So ASA handles data transfers from UDP applications similarly to the way that it handles TCP. If a packet is sent from the inside network, the PIX Firewall maintains UDP connection-state information. The subsequent packets are matched against ...
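The following is an added example, not code from the book or from Cisco: a simplified Python model of the dynamic connection entry described above, showing how return packets are matched against state created by inside hosts. The state names, the documentation-range addresses in any usage, and the UDP idle timer value are assumptions made for illustration; because UDP carries no flags, the model retires a UDP entry only when that assumed timer expires.

```python
import time

UDP_IDLE_TIMEOUT = 120.0  # assumed idle timer (seconds); not a value from the page

class StateTable:
    """Simplified stateful filter: inside hosts initiate, outside may only reply."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.conns = {}  # (proto, in_ip, in_port, out_ip, out_port) -> entry

    def outbound(self, proto, src, sport, dst, dport, flags=""):
        """Packet from the inside: create or refresh the dynamic entry."""
        key = (proto, src, sport, dst, dport)
        entry = self.conns.get(key)
        if entry is None:
            if proto == "tcp" and flags != "S":
                return False  # a new TCP session must start with a SYN
            state = "SYN_SENT" if proto == "tcp" else "UDP"
            entry = self.conns[key] = {"state": state}
        elif entry["state"] == "SYN_ACKED" and "A" in flags:
            entry["state"] = "ESTABLISHED"  # handshake completed
        entry["last"] = self.clock()
        if "R" in flags:
            del self.conns[key]  # reset ends the session
        return True

    def inbound(self, proto, src, sport, dst, dport, flags=""):
        """Packet from the outside: permitted only if it matches an entry."""
        key = (proto, dst, dport, src, sport)  # swap to the inside host's view
        entry = self.conns.get(key)
        if entry is None:
            return False  # unsolicited traffic
        if proto == "udp":
            # UDP has no FIN/RST, so only an idle timer can retire the entry.
            if self.clock() - entry["last"] > UDP_IDLE_TIMEOUT:
                del self.conns[key]
                return False
            entry["last"] = self.clock()
            return True
        if "R" in flags:
            del self.conns[key]
            return True
        if entry["state"] == "SYN_SENT":
            if flags != "SA":
                return False  # only a SYN-ACK may answer the SYN
            entry["state"] = "SYN_ACKED"
        return True
```

FIN-based teardown and sequence-number checks are left out of this model; only a reset removes a TCP entry.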

Get CCIE Practical Studies: Security (CCIE Self-Study) now with the O’Reilly learning platform.
