Regarding cybersecurity and networking, a 5-tuple can be described as a bundle of five values that identify a specific connection or network session. These values include the sourced IP address, source port numbers, destination IP address, destination port number, and the specific protocol in use, for example, TCP UDP.
See also: connection-oriented protocol
Common 5-Tuple applications in cybersecurity:
- Network monitoring and analysis: In network monitoring solutions, 5-tuple can be used for individual session and connection tracking and identifying potential security incidents or performance issues.
- Load balancing: Load balancers often consider 5-tuples to track user activity. This ensures that a user’s data goes to one specific server and that users maintain a steady and consistent experience.
- Network traffic filtering and classification: Various routers, firewalls, and other network connection devices employ 5-tuples to divide and classify network traffic, allowing and denying packets based on predefined rules corresponding to these values.