Along with ASA, the CiscoSecure PIX Firewall uses stateful information to ensure the highest level of security. A stateful session flow table is defined, containing:

  • source and destination addresses
  • TCP port
  • associated flags for that particular session and connection

A connection object is created with this information. After the object is defined, all inbound and outbound packets are compared to both the object and the session flow table to determine whether the connection is valid.