State-full perimeter security for data networks

The described embodiments include a system for controlling communications between a first network and a second network including a plurality of in-line security devices, the in-line security devices being configured to manage communication between the first network and the second network, and including a state server connected to the plurality of in-line security devices, the state server being configured to receive state information about the state of the connections established by a first one of the in-line security devices and to communicate the state information to at least a second one of said in-line security devices. In one embodiment, the in-line security devices are firewalls. In another embodiment, state server communicates the state information received from the first one of the firewall devices and communicates the state information to every other one of the plurality of firewall devices. The described embodiments also include a method for controlling communications between a first network and a second network including providing a plurality of in-line security devices, establishing communication between the first network and the second network via the in-line security devices, providing a state server connected to the plurality of in-line security devices, transmitting state information from a first one of the the in-line security devices about the state of the connections established by the a first one of the in-line security devices, and communicating the state information from the state server to at least a second one of said in-line security devices.