ASPF basic concepts
Single-channel protocol and multichannel protocol
Single-channel protocol—A single-channel protocol establishes only one connection to exchange both control messages and data for a user. SMTP and HTTP are examples of single-channel protocols.
Multichannel protocol—A multichannel protocol establishes more than one connection for a user and transfers control messages and user data through different connections. FTP is one example of multichannel protocols.
Internal interface and external interface
On an edge device configured with ASPF to protect hosts and servers on the internal network, the interfaces on the device are divided into internal interfaces and external interface:
Internal interfaces—Interfaces connected to the internal network.
External interfaces—Interfaces connected to the external network.
To protect the internal network, you can apply an ASPF in the outbound direction of the external interfaces or in the inbound direction of the internal interfaces of the device.
Zone pair
A zone pair specifies the source zone and destination zone of a traffic flow to be inspected:
Source zone—A security zone from which the first packet of a traffic flow originates.
Destination zone—A security zone for which the first packet of a traffic flow is destined.
For information about security zones, see Fundamentals Configuration Guide.