Session Analysis
Yet another design improvement has been to focus on sessions rather
than on packets, which has introduced the use of smart rules. For
instance, a network session might contain packets going in two
directions. A packet filter would need one rule to control the packets
going from the originating host to the destination host, and another
rule to control the packets returning from the destination host
to the originating host. A smart rule, on the other hand, knows
that packets will be returned and does not require the formulation of a
second rule.
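The contrast described above, as an added example that is not part of the original text: one outbound rule is given to a stateless packet filter and to a session-aware filter, and each judges the outgoing packet, its reply, and an unsolicited inbound packet. The addresses, ports and class names are constructed for illustration, and the session table is simplified (no timeouts or TCP state tracking).

```python
from collections import namedtuple

# Constructed packet model: only the fields needed to identify a session.
Packet = namedtuple("Packet", "src sport dst dport proto")
Rule = namedtuple("Rule", "src dst dport proto")  # "*" matches any address

def rule_matches(rule, pkt):
    return (rule.src in ("*", pkt.src) and rule.dst in ("*", pkt.dst)
            and rule.dport == pkt.dport and rule.proto == pkt.proto)

class PacketFilter:
    """Stateless: every packet is judged on its own against the rule list."""
    def __init__(self, rules):
        self.rules = rules

    def allow(self, pkt):
        return any(rule_matches(r, pkt) for r in self.rules)

class SessionFilter(PacketFilter):
    """Session-aware: a rule admits the first packet, replies match the table."""
    def __init__(self, rules):
        super().__init__(rules)
        self.sessions = set()

    def allow(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto)
        if key in self.sessions:
            return True
        if super().allow(pkt):
            # Record both directions so the reply needs no rule of its own.
            self.sessions.add(key)
            self.sessions.add((pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto))
            return True
        return False

def demo():
    rules = [Rule("10.0.0.5", "*", 443, "tcp")]  # the single outbound rule
    out = Packet("10.0.0.5", 40000, "192.0.2.10", 443, "tcp")
    reply = Packet("192.0.2.10", 443, "10.0.0.5", 40000, "tcp")
    unsolicited = Packet("192.0.2.10", 443, "10.0.0.5", 40001, "tcp")
    stateless, stateful = PacketFilter(rules), SessionFilter(rules)
    return {
        "stateless": [stateless.allow(p) for p in (out, reply, unsolicited)],
        "stateful": [stateful.allow(p) for p in (out, reply, unsolicited)],
    }

if __name__ == "__main__":
    print(demo())
```

The stateless filter drops the reply because no second rule covers it; the session-aware filter admits the reply from its table yet still drops the inbound packet that belongs to no recorded session.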
Conclusion
As a final remark, we mention that many 'hybrid firewalls' have been
put into operation. For instance, one might use a packet filter
enhanced with smart filtering at the application level for most services,
combined with application proxies for specific services such as FTP,
augmented with an inspection-based filtering scheme. A word of
caution is in order: adding security methods does not by itself
necessarily increase the level of security, and thus the level of
assurance. Additional mechanisms can increase, but can also leave
unaffected or even decrease, the security of the architecture already
in place. This has to be carefully considered.