Ref: https://learn.cantrill.io/courses/2022818/lectures/45636949

YouTube: https://www.youtube.com/watch?v=drvbm6R0ONY

• Summary:
• Contents:

OSI L5 (Session) - Key Concepts

• 🔧 Provides sessions and conversation state awareness to a L4 connection
• Provides:
  • Protocols for session establishment, maintenance, and termination
  • Management of session security & synchronization

Intro: L4 Firewalls (Stateless) vs L5 Firewalls (Stateful)

• L4 limitation: L4 devices only aware of channels, not sessions/conversation states
  • L4 ONLY sees:
    1. Inbound traffic
    2. Traffic traffic
  • ‼️ L4 NOT aware of what traffic is request or response!
  • L4 Firewalls (e.g. AWS NACLs) must define 2 rules to allow traffic (IN & OUT)
• L5 devices are aware of communication sessions
  • L5 aware that request traffic & response traffic = one conversation (session)
  • L5 Firewalls (e.g. AWS Security Groups) only need to define 1 rule to allow traffic of a particular conversation
• Deeper dive: Stateless vs Stateful Firewalls