Professional Documents
Culture Documents
yes
Decrypt id Decryption
no
ID
2
yes iq
QoS QoS IN
no IQ Enqueue/ Dequeued IN
no
yes yes
SecureXL RST,
Connection FIN, SYN …
Table Packet
no no no
establish
yes establish yes
new NAT new
Accept no
1 SecureXL 1 Template SexureXL yes Content
Template
Connection sk NAT Inspection
needed
no
yes no yes
Drop Fast Accel
Discard 1 Template rule
Fast Accel in
R80.20 JHF103+
no SK156672
fw_worker X SecureXL
CoreXL
yes
Connection
Tabel
Content Inspection
no
no
Firewall
Discard 1 Policy
possible in SecureXL and CoreXL, therefore only shown schematically
yes
add Conn. Table
yes
NAT (Dest)
Table
no
NAT
yes Content Inspection
1 other Security Modules
Policy
Passive Streaming
no Library (PSL)
Content Classifier
Inspection APP1
1 packet subsequent APP2
yes APP3
Inline Streaming
Content Inspection Path Protocol Parsers
Observer
(PSL / CPAS)
I
Protections Handler Security Policy
routing
action
o
fw_worker X
Log Connection IPS prevent detect inactiv
yes
NAT (Src)
Table AC drop allow
no NAT
yes
QoS oq QoS OUT
Enqueued/ Dequeued OUT
no OQ
2
yes
Encrypt oe
Encryption
no OE
Interface
1 2
only the first packet in the firewall VPN and QoS is possible in SecureXL and/or CoreXL, therefore only shown schematically