Session distribution policies define how PA-5200 and PA-7000
Series firewalls distribute security processing (App-ID, Content-ID, URL
filtering, SSL decryption, and IPSec) among dataplane processors
(DPs) on the firewall. Each policy is specifically designed for
a certain type of network environment and firewall configuration
to ensure that the firewall distributes sessions with maximum efficiency.
For example, the Hash session distribution policy is best fit for
environments that use large scale source NAT.
The following topics provide information about the available
session distribution policies, how to change an active policy, and
how to view session distribution statistics.