How Firewall Rule Enforcement Works

STEP 1 The user starts a web browser. The web browser resolves the DNS name for the URL and initiates a TCP connection to the target web server via the X family device.

STEP 2 The X family device inspects the session header and identifies the following information about the request:

Source IP — The address of the device that initiated the request.

Destination IP — The address of the device for which the request is intended.

Application — Type of service/content and authenticated user (if any).

STEP A Using its routing table, the device decides which Security Zone the session has come from and which zone it is going to.

STEP 3 The device searches for the first firewall rule in its list that matches the session request. Rules are evaluated based on what options are configured:

user authentication

IP protocol service

schedule

source zone

destination zone

web filtering
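
The first-match search in STEP 3, as an added example (not code from this guide or from the device). The names Rule, evaluate, shadowed, session and the sample rule list are hypothetical; it assumes that an option left unconfigured matches any session and that a session matching no rule is blocked, and it leaves web filtering out. It goes one step beyond the text by also reporting rules that can never be reached because an earlier rule always matches first.

```python
from dataclasses import dataclass, field

@dataclass
class Rule:
    name: str
    action: str                                # "permit" or "block"
    match: dict = field(default_factory=dict)  # configured options only
    schedule: tuple = None                     # (start_hour, end_hour), end exclusive
    require_auth: bool = False

    def matches(self, s: dict) -> bool:
        # Assumption: an option not configured on a rule matches any session.
        if any(s[k] != v for k, v in self.match.items()):
            return False
        if self.schedule and not self.schedule[0] <= s["hour"] < self.schedule[1]:
            return False
        return not self.require_auth or bool(s.get("user"))

def evaluate(rules, s, default="block"):
    """First match wins. `default` (assumed) applies when no rule matches."""
    for rule in rules:
        if rule.matches(s):
            return rule.action, rule.name
    return default, None

def shadowed(rules):
    """(later, earlier) pairs where an unconditional earlier rule covers a later one."""
    pairs = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            covers = all(later.match.get(k) == v for k, v in earlier.match.items())
            if covers and not earlier.schedule and not earlier.require_auth:
                pairs.append((later.name, earlier.name))
                break
    return pairs

def session(service, hour, user=None, src="LAN", dst="WAN"):
    return {"src_zone": src, "dst_zone": dst, "service": service, "hour": hour, "user": user}

LAN_WAN = {"src_zone": "LAN", "dst_zone": "WAN"}
RULES = [  # constructed rule list, evaluated top to bottom
    Rule("block-telnet", "block", {**LAN_WAN, "service": "telnet"}),
    Rule("staff-web", "permit", {**LAN_WAN, "service": "http"}, (8, 18), True),
    Rule("lan-any-out", "permit", dict(LAN_WAN)),
    Rule("block-ftp", "block", {**LAN_WAN, "service": "ftp"}),  # never reached
]

if __name__ == "__main__":
    for s in (session("http", 10, "alice"), session("http", 22), session("ftp", 10)):
        print(s["service"], s["hour"], "->", evaluate(RULES, s))
    print("shadowed:", shadowed(RULES))
```

With this ordering, an unauthenticated HTTP session outside the schedule is not blocked by staff-web; it falls through to lan-any-out and is permitted, which is why broad rules belong below the specific ones they would otherwise override.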

X Family LSM User’s Guide V 2.5.1
