Enterprise companies today employ firewalls that do stateful inspection of sessions between external and internal hosts and devices. Cisco employs a patented ASA algorithm that utilizes source IP address, destination IP address, TCP sequence numbers, port numbers and TCP flags to examine and prevent unauthorized sessions. The firewall is configured with conduit statements to filter traffic by examining source/destination IP addresses, application port and protocol port before making a decision whether to permit or deny a session or specific traffic. Further reading ...