Modern networks deploy multiple firewalls across network environments. In deployments with multiple firewalls, processes are needed to handle situations when a flow begins at one firewall, but messages are subsequently sent or received through a different firewall. Some implementations use clustering solutions in which all firewalls in the cluster synchronize to a cluster master which, in turn, synchronizes to its cluster members. This allows all of the firewalls to receive the flow state for each flow being handled by every other firewall in the cluster.
For example, in a deployment with dual data centers, each having a direct link to the Internet, all of the firewalls synchronize to a cluster master. Such a system is expensive in terms of the bandwidth required to perform the necessary syncing. Specifically, synchronization would be required for every new flow in the network, which is cumbersome in a real world deployment that has up to millions of flows per second. When a deployment spans three or more sites, using three or more firewalls, the problem is magnified significantly.