When Does Palo Alto Networks Firewall Send a TCP Reset (RST) to Terminate a Session?
A TCP reset is an immediate close of a TCP connection. This allows for the resources that were allocated for the previous connection to be released and made available to the system. The receiver of a RST segment should also consider the possibility that the application protocol client at the other end was abruptly terminated and did not have a chance to process the data that was sent to it.
The Palo Alto Networks firewall sends a TCP Reset (RST) only when a threat is detected in the traffic flow. On all other cases the RST will not be sent by the firewall.