Decryption Broker: Security Chain Session Flow
You can choose for the firewall to direct decrypted
inbound and outbound sessions through a security chain in the same
direction (unidirectionally) or in opposite directions (bidirectionally).
For example, if you have a stateless device like a packet recorder
in a security chain, you could enable traffic to flow unidirectionally
through the security chain so the inbound and outbound traffic traverse
the device in the same direction. The packet recorder receives both
inbound and outbound traffic on the same port and can then examine
packet captures from both sides of the session in order to detect changes
to packet header values. Alternatively, if the security chain includes devices
like Data Loss Prevention (DLP) solutions that statefully inspect
traffic, enable traffic to flow bidirectionally through the security
chain instead.