Security devices, such as firewalls and intrusion detection systems (IDSs), protect a computer network from unauthorized, malicious, or disruptive users. A firewall can be used to secure a local area network from users outside the local area network. A firewall checks, routes, and can label messages sent to or from users outside the local area network.
Security devices can be stateful. For example, a stateful firewall can perform stateful packet inspection by keeping track of the state of network connections (e.g., Transmission Control Protocol (TCP) connections) passing through it. A stateful firewall keeps track of the state of traffic on the network by storing state information, e.g., Internet Protocol (IP) addresses and ports being used by the connection. A stateful firewall can reject packets that do not match a known connection state.
A network can include two or more security devices. In some networks with two security devices, one of the devices is active (i.e., actively processing packets) and the other is passive (i.e., not currently processing packets). The passive device becomes active when the active device fails. In other networks, both security devices are active to take advantage of features such as load balancing, high availability, and reliability assurance. In some networks that include two active, stateful firewalls, the firewalls synchronize with each other by sending each other state information.
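The following sketch is an added example, not part of the original text. It models two active stateful firewalls with asymmetric routing, where the return packet is rejected by the second firewall unless connection state is synchronized. The class name, the addresses, the simplified TCP states, and the use of a direct method call in place of synchronization messages are all assumptions.

```python
from dataclasses import dataclass, field

def conn_key(src_ip, src_port, dst_ip, dst_port):
    """Direction-independent key so a reply maps to the same table entry."""
    return frozenset([(src_ip, src_port), (dst_ip, dst_port)])

@dataclass
class StatefulFirewall:
    name: str
    inside_prefix: str = "10.0.0."             # constructed LAN prefix (assumption)
    table: dict = field(default_factory=dict)  # conn_key -> connection state
    peers: list = field(default_factory=list)  # firewalls that receive state updates

    def _set(self, key, state, replicate=True):
        """Store or delete a table entry and push the change to peers."""
        if state is None:
            self.table.pop(key, None)
        else:
            self.table[key] = state
        if replicate:
            for peer in self.peers:
                peer._set(key, state, replicate=False)  # stands in for a sync message

    def process(self, src_ip, src_port, dst_ip, dst_port, flags):
        """Return ACCEPT or REJECT for one TCP packet (simplified state machine)."""
        key = conn_key(src_ip, src_port, dst_ip, dst_port)
        state = self.table.get(key)
        if state is None:
            # Only an inside host may open a connection, and only with a SYN.
            if flags == "SYN" and src_ip.startswith(self.inside_prefix):
                self._set(key, "SYN_SENT")
                return "ACCEPT"
            return "REJECT"                    # packet matches no known connection
        if state == "SYN_SENT":
            if flags != "SYN-ACK":
                return "REJECT"                # unexpected packet for this state
            self._set(key, "ESTABLISHED")
        elif flags in ("FIN", "RST"):
            self._set(key, None)               # simplified teardown
        return "ACCEPT"

def demo(synchronize):
    """Outbound SYN crosses firewall A; the SYN-ACK returns through firewall B."""
    fw_a, fw_b = StatefulFirewall("A"), StatefulFirewall("B")
    if synchronize:
        fw_a.peers, fw_b.peers = [fw_b], [fw_a]
    client, server = ("10.0.0.5", 40000), ("203.0.113.7", 443)  # constructed addresses
    out = fw_a.process(*client, *server, "SYN")
    back = fw_b.process(*server, *client, "SYN-ACK")
    return out, back, fw_a.table == fw_b.table
```
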