Session State Management in ASP.Net
ASP.NET provides three ways of maintaining client-specific state: session state, cookie state, and view state. Each technique has its own advantages and disadvantages.
Session state is the most flexible and, in general, the most efficient. ASP.NET has enhanced session state to address some of the problems associated with it in previous versions of ASP, including the abilities to host session state out of process or in a database(SQL Server) and to track session state without using cookies.
Session state is maintained on behalf of each client within an ASP.NET application. When a new client begins to interact with the application, a new session ID (or session key) is generated and associated with all subsequent requests from that same client . By default, the session state is maintained in the same process and AppDomain as your application, so you can store any data type necessary in session state.
To know more about the Session State management, there is an excellent article posted in ASPAlliance, and the link to this is here.
For experts, the best practices to be followed in Session state management is here.