You're reading from Mastering Palo Alto Networks Deploy and manage industry-leading PAN-OS 10.x solutions to secure your users and infrastructure

Product type Paperback

Published in Sep 2020

Publisher Packt

ISBN-13 9781789956375

Length 514 pages

Edition 1st Edition

Tools

Palo Alto Networks

Concepts

Networking

Author (1):

Tom Piens Aka 'Reaper'

View More author details

Table of Contents (18) Chapters

Preface

1. Section 1: First Steps and Basic Configuration

2. Chapter 1: Understanding the Core Technologies FREE CHAPTER

3. Chapter 2: Setting Up a New Device

4. Section 2: Advanced Configuration and Putting the Features to Work

5. Chapter 3: Building Strong Policies

6. Chapter 4: Taking Control of Sessions

7. Chapter 5: Services and Operational Modes

8. Chapter 6: Identifying Users and Controlling Access

9. Chapter 7: Managing Firewalls through Panorama

10. Section 3: Maintenance and Troubleshooting

11. Chapter 8: Upgrading Firewalls and Panorama

12. Chapter 9: Logging and Reporting

13. Chapter 10: VPN and Advanced Protection

14. Chapter 11: Troubleshooting Common Session Issues

15. Chapter 12: A Deep Dive into Troubleshooting

16. Chapter 13: Supporting Tools

17. Other Books You May Enjoy

Leave a review - let other readers know what you think

Interpreting session details

The log details tell you a lot about a session, but not everything. Sessions, while being processed, have several different parameters that only translate to how they are being processed at a particular moment in time.

The session table is made up of a finite number of session IDs, so session IDs end up getting reused after the available IDs have been cycled through. There are seven different states that a session can be in:

Initial or INIT: A session that is ready and waiting to be used by a new flow is in the INIT state.
Opening: This is a transient state in which a session ID is assigned to a flow while it is being evaluated to become a full session. This stage accounts for half-open TCP connections, so it has more aggressive timers that close the session if the handshake is not completed within due time.
Active: This is the state in which everything happens – the flow is up and packets are being passed back and forth.
Closing...