In existing data network, sentry devices such as firewalls are deployed to enforce security policies of end-to-end sessions. To implement these policies, memory resource at the sentry device is necessary. Most of the memory resource is per-session and exists for the duration of the end-to-end sessions. To prevent the condition where quiet session terminations leading to stale states permanently holding the per-session memory, time out configurations are provided to release the per-session memory resource when a period of time has passed without session activity. In such configurations, there is no ability to automatically detect and expire a dead connection. In topologies where long live connections are necessary, typically infinite timeout is used. However, this approach requires manual maintenance to ensure that the number of dead connections does not subsume the end host device.
In view of the foregoing, it would be desirable to have methods and systems for simplified monitoring and detection of TCP session connections to automatically detect dead connections.