eG Monitoring
 

Measures reported by PanSessionTest

The Palo Alto firewall lets users create sessions using different protocols such as Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP) or SSL Proxy connections. These communication protocols ensure reliability, end-to-end delivery, and flow and error control of data during user sessions.

Frequent overload conditions on a firewall can cause irreversible damage to the firewall. If the Palo Alto Firewall is overloaded with sessions, its request processing capability may slow down. Under such circumstances, administrators will have to identify the type of sessions causing the overload (TCP, UDP, ICMP or SSL Proxy sessions) and investigate why the count of such sessions is unusually high on the firewall.

The onus is also on administrators to keep track of session utilization. If session utilization is high throughout, it may result in an overload condition, with the sessions hogging excessive network bandwidth. This may in turn slow down the firewall, which, if left unattended, will lead to performance degradation. Administrators should therefore constantly monitor the sessions on the firewall and figure out which types of sessions frequently cause overload. The PanSessionTest test helps administrators in this regard.

This test monitors the sessions on the Palo Alto Firewall and reports the number of active TCP, UDP, ICMP and SSL Proxy sessions. In addition, this test reveals the overall session utilization and the SSL Proxy session utilization. This way, administrators can keep track of sudden spikes in the number of sessions and be proactively alerted to an overload condition, if any.

Outputs of the test: One set of results for the firewall being monitored.

The measures made by this test are as follows:

| Measurement | Description | Measurement Unit | Interpretation |
|---|---|---|---|
| Active_sessions | Indicates the total number of sessions that are currently active on the firewall. | Number | This measure is a good indicator of session load on the firewall. |
| Active_udp_sessions | Indicates the number of UDP sessions that are currently active on the firewall. | Number | A high value of this measure could indicate a UDP session overload on the firewall. |
| Active_tcp_sessions | Indicates the number of TCP sessions that are currently active on the firewall. | Number | A high value of this measure could indicate a TCP session overload on the firewall. |
| Active_icmp_sessions | Indicates the number of ICMP sessions that are currently active on the firewall. | Number | A high value of this measure could indicate an ICMP session overload on the firewall. |
| Active_ssl_proxy_sess | Indicates the number of SSL proxy sessions that are currently active on the firewall. | Number | A high value of this measure could indicate an SSL Proxy session overload on the firewall. |
| Session_utilization | Indicates the utilization percentage of sessions on the firewall. | Percentage | A high value for this measure indicates an overload condition on the firewall. |
| Ssl_proxy_session_util | Indicates the utilization percentage of SSL proxy sessions on the firewall. | Percentage | A high value for this measure could indicate an overload of the SSL Proxy sessions on the firewall. |
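
The triage described above (which session type is behind a spike, and whether utilization stays high) can be sketched over a short history of these measures. This is an added example, not eG code: the `analyse` and `sample` helpers, the three thresholds and the sample data are assumptions made for illustration.

```python
from statistics import median

# Measure names come from the table above; thresholds are assumed values
# chosen for illustration, not eG defaults.
PROTO_MEASURES = ("Active_tcp_sessions", "Active_udp_sessions",
                  "Active_icmp_sessions", "Active_ssl_proxy_sess")
UTIL_HIGH = 80.0     # assumed: Session_utilization (%) treated as high
SUSTAINED = 3        # assumed: consecutive high samples that count as sustained
SPIKE_FACTOR = 2.0   # assumed: multiple of the baseline that counts as a spike

def analyse(samples):
    """samples: list of per-period measure dicts, oldest first."""
    latest, history = samples[-1], samples[:-1]
    spiking, growth = [], {}
    for m in PROTO_MEASURES:
        # The median of earlier periods is not dragged up much by a spike
        # that has already been running for a period or two.
        base = median(s[m] for s in history) if history else latest[m]
        if base > 0 and latest[m] >= SPIKE_FACTOR * base:
            spiking.append((m, round(latest[m] / base, 1)))
            growth[m] = latest[m] - base
    # A small protocol can show a large ratio yet add few sessions, so the
    # session type driving the load is picked by absolute growth.
    dominant = max(growth, key=growth.get) if growth else None
    recent = samples[-SUSTAINED:]
    sustained = (len(recent) == SUSTAINED and
                 all(s["Session_utilization"] >= UTIL_HIGH for s in recent))
    return {"spiking": spiking, "dominant": dominant,
            "sustained_high_util": sustained}

def sample(tcp, udp, icmp, ssl, util):
    keys = PROTO_MEASURES + ("Session_utilization",)
    return dict(zip(keys, (tcp, udp, icmp, ssl, util)))

# Constructed sample data: three quiet periods, then a UDP surge.
SAMPLES = [
    sample(40000, 9000, 200, 1500, 20.0),
    sample(41000, 9500, 210, 1400, 21.0),
    sample(39000, 9200, 190, 1600, 20.0),
    sample(42000, 150000, 2000, 1500, 82.0),
    sample(41000, 160000, 400, 1500, 85.0),
    sample(40000, 170000, 420, 1450, 88.0),
]

if __name__ == "__main__":
    print(analyse(SAMPLES))
```

On the constructed data both UDP and ICMP cross the spike factor, but only UDP adds enough sessions to explain the sustained rise in Session_utilization.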