Which packet info is masked with Session Rate Acceleration?
Which packet info is masked with Session Rate Acceleration?
Session Rate Acceleration uses the source port to identify connections and mask it to match other attributes. This technique improves connection setup and teardown rates by bypassing full firewall inspection, focusing instead on other packet attributes such as source address, destination address, destination port, and protocol. Therefore, the source port is the correct answer.
Correct Identifies connections by five attributes - source address - destination address - source port - destination port - protocol
C. Session rate acceleration: SecureXL also reduces the overhead in establishing certain kinds of new connections, improving new connection rate(connections per second), connection setup/teardown rate (sessions per second) and throughput in certain high-connection rate traffic environment. From a 5-tuple validation, the source port of a flow may be masked off, effectively providing a global match for source port. These new connection setup packets matching 4 out of 5 tuples avoid a round trip to the firewall application and limit the computing overhead. Security is not impacted because the OS continues to track the state of the new connection using Stateful inspection. https://trlj.blogspot.com/2015/10/check-point-acceleration.html
C is correct For example, if the source port is masked and only the other 4 tuple attributes require a match