On Feb 25, 2010, at 2:14 PM, Robert Cotter wrote:
They track traffic/processes/protocols looking for incomplete stateful session setups and perform termination when the state has not been setup/completed correctly thus relieving pressure/resource demands from the server behind them?
The capacity of even the largest firewalls is considerably smaller than what the naked servers themselves can handle.
This is all discussed in the linked presos and the relevant NANOG thread; it might be a good idea to read those first, so that we don't rehash previous discussions.
;>
-----------------------------------------------------------------------
Roland Dobbins