There are four session storage mechanisms PROVIDED by ASP.NET:

• In Proc mode

In proc mode is the default mode given by ASP.NET. In this mode, session values are put away in the web server's MEMORY (in IIS). On the off chance that there are more than one IIS servers, at that point session values are put away in every server independently on which request has been made. SINCE the session values are put away in the server, at whatever point server is restarted the session esteems will be lost.

• State Server mode

This mode could store session in the webserver however out of the application pool. Yet, as a rule if this mode is UTILIZED there will be a different server for putting away sessions, i.e., state server. The advantage is that when IIS restarts the session is accessible. It stores sessions in a different Windows service. For State server session mode, we need to design it unequivocally in the web config record and begin the aspnet_state service.

• SQL Server mode

Session is put away in a SQL Server database. This sort of session mode is likewise isolated from IIS, i.e., session is accessible even subsequent to restarting the IIS server. This mode is profoundly secure and DEPENDABLE yet in addition has a burden that there is overhead from serialization and deserialization of session data. This mode ought to be utilized when reliability is of higher importance than performance of application.

• Custom mode

By and large we ought to lean toward in proc state server mode or SQL Server mode yet on the off chance that you have to store session information utilizing other than these procedures, at that point ASP.NET gives a custom session mode. Thusly we need to keep up everything customized even producing session ID, information store, and furthermore security.