Safire Knowledge Base

A session is defined by two uni-directional flows each uniquely identified by a 5-tuple key: source-address, destination-address, source-port, destination-port, and transport layer protocol.

The concurrent session describes the maximum established/active sessions maintained at a given point in time by the firewall during each test.

In Safire, the concurrent session includes both established TCP connections and active UDP flows seen from the client’s side.