What is Session Layer Firewall?

Session layer firewalls are also commonly known as circuit-level gateways or circuit-level firewalls. They operate at the session layer of the OSI reference model and use NAT to protect internal systems from outside attackers.

The protection these firewalls provide is basic: decisions are made from source and destination IP addresses and port numbers. Session layer firewalls cannot detect higher-level attacks or breach attempts that occur at the application layer.

This means that users on either the outside or the inside could get through a session layer firewall by running standard applications on non-standard ports. For example, someone who wants to connect to a telnet server across the firewall would do it by changing the port to 80. The firewall would not pick up on that: it sees traffic on port 80, the standard web port, and allows it.

In effect, session-based firewalls are nothing more than access lists similar to those found in routers, and they are easy to bypass.
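The telnet-on-port-80 case above, as an added example that is not part of the original page: it compares the address-and-port decision a circuit-level gateway makes with a minimal application-layer check on the first client bytes. The rule set, addresses, payloads and function names are all constructed for illustration.

```python
from ipaddress import ip_address, ip_network

# Constructed circuit-level rule: internal hosts may reach any host on TCP port 80.
RULES = [{"src": ip_network("10.0.0.0/8"), "dst": ip_network("0.0.0.0/0"), "dport": 80}]

HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"PATCH ", b"CONNECT ")
TELNET_IAC = b"\xff"  # Telnet "Interpret As Command" byte (RFC 854)


def session_layer_allows(src, dst, dport):
    """Circuit-level decision: only addresses and port are consulted."""
    return any(
        ip_address(src) in r["src"]
        and ip_address(dst) in r["dst"]
        and dport == r["dport"]
        for r in RULES
    )


def application_layer_verdict(src, dst, dport, first_client_bytes):
    """Same rule, plus a check that port 80 traffic actually starts like HTTP."""
    if not session_layer_allows(src, dst, dport):
        return "deny: no matching rule"
    if dport == 80 and not first_client_bytes.startswith(HTTP_METHODS):
        if first_client_bytes.startswith(TELNET_IAC):
            return "flag: telnet negotiation on port 80"
        return "flag: non-HTTP payload on port 80"
    return "allow"


# Constructed samples: a normal web request and a Telnet option
# negotiation (IAC WILL TERMINAL-TYPE) sent to the same port.
HTTP_SAMPLE = b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"
TELNET_SAMPLE = b"\xff\xfb\x18"

if __name__ == "__main__":
    for name, payload in (("http", HTTP_SAMPLE), ("telnet", TELNET_SAMPLE)):
        print(name,
              "| session layer:", session_layer_allows("10.1.2.3", "203.0.113.10", 80),
              "| application layer:",
              application_layer_verdict("10.1.2.3", "203.0.113.10", 80, payload))
```

Both samples pass the session layer rule because they share the same addresses and port; only the payload check separates them.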
