A firewall forms a barrier through which the traffic going in each direction must pass. A firewall security policy dictates which traffic is authorized to pass in each direction. A firewall may be designed to operate as a filter at the level of IP packets, or may operate at a higher protocol layer. Firewalls can be an effective means of protecting a local system or network of systems from network-based security threats while at the same time affording access to the outside world via wide area networks and the Internet.
TYPES OF FIREWALLS
1. Packet Filtering Firewall
This is the simplest and fastest firewall component and the foundation of any firewall system. It examines each IP packet in isolation (with no context) and permits or denies it according to a set of rules; in this way it restricts access to services (ports). A packet filtering firewall applies a set of rules to each incoming and outgoing IP packet and then forwards or discards the packet. The firewall is typically configured to filter packets going in both directions (from and to the internal network).
2. Stateful Packet Filters
A traditional packet filter makes filtering decisions on an individual packet basis and does not take into consideration any higher-layer context. To understand what is meant by context and why a traditional packet filter is limited with regard to context, a little background is needed. Most standardized applications that run on top of TCP follow a client/server model: the server listens on a well-known port, while the client sends from a high-numbered ephemeral port, so a filter that knows nothing about the connection cannot tell a legitimate reply to an internal client from an unsolicited inbound packet aimed at that high port. A stateful packet inspection firewall reviews the same packet information as a packet filtering firewall, but also records information about TCP connections.
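The following added example (not part of the original text) contrasts the two filter types described above. The rule set, the addresses and the packet headers are constructed for illustration; a stateless filter is run first, and then a stateful filter that records outbound TCP connections it has admitted so that the corresponding replies are permitted without a rule that opens all high ports.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Constructed packet: only the header fields a packet filter actually inspects.
@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str        # "tcp" or "udp"
    sport: int
    dport: int
    direction: str    # "in" (arriving from outside) or "out" (leaving the internal network)
    syn: bool = False
    ack: bool = False

@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    direction: str        # "in", "out", or "any"
    src: str              # CIDR network
    dst: str              # CIDR network
    proto: str            # "tcp", "udp", or "any"
    dport: Optional[int]  # None matches any destination port

    def matches(self, p: Packet) -> bool:
        return (
            self.direction in ("any", p.direction)
            and ip_address(p.src) in ip_network(self.src)
            and ip_address(p.dst) in ip_network(self.dst)
            and self.proto in ("any", p.proto)
            and (self.dport is None or self.dport == p.dport)
        )

INTERNAL = "10.0.0.0/8"   # constructed internal address space
ANY = "0.0.0.0/0"

# Constructed policy: first match wins, default deny at the end.
RULES = [
    Rule("permit", "in", ANY, "10.0.0.5/32", "tcp", 25),   # inbound SMTP to the mail host only
    Rule("permit", "out", INTERNAL, ANY, "tcp", None),     # internal hosts may open outbound TCP
    Rule("deny", "any", ANY, ANY, "any", None),            # everything else is dropped
]

def stateless_filter(p: Packet, rules=RULES) -> str:
    """Traditional packet filter: each packet judged on its own headers, no memory."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "deny"

class StatefulFilter:
    """Stateful inspection: remember TCP connections the policy admitted,
    and let the reply direction of those connections through."""

    def __init__(self, rules=RULES):
        self.rules = rules
        # (src, sport, dst, dport) of every connection whose opening SYN was permitted
        self.connections = set()

    def check(self, p: Packet) -> str:
        # A packet travelling back along a tracked connection is permitted by state,
        # not by the rule set.
        if (p.dst, p.dport, p.src, p.sport) in self.connections:
            return "permit"
        action = stateless_filter(p, self.rules)
        # Only a permitted opening SYN (SYN set, ACK clear) creates a table entry.
        if action == "permit" and p.proto == "tcp" and p.syn and not p.ack:
            self.connections.add((p.src, p.sport, p.dst, p.dport))
        return action
```

With the rule set above, an internal host's outbound SYN to a web server is permitted by both filters, but the server's SYN/ACK back to the client's ephemeral port is dropped by the stateless filter (no rule covers it) and permitted by the stateful one; an unsolicited inbound SYN to the same ephemeral port is still dropped because no matching connection was ever recorded.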
3. Application Level Gateway (or Proxy)
An application-level gateway, also called an application proxy, acts as a relay of application-level traffic. Application-level gateways tend to be more secure than packet filters. Rather than trying to deal with the numerous possible combinations that are to be allowed and forbidden at the TCP and IP level, the application-level gateway need only scrutinize a few allowable applications. In addition, it is easy to log and audit all incoming traffic at the application level. A prime disadvantage of this type of gateway is the additional processing overhead on each connection.
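An added example (not from the original text) of the decision an application-level gateway makes for one allowable application, HTTP: the proxy has to parse the request before it can relay it, so it can restrict the method and the destination host and write an audit record for every request, including malformed ones. The allowlists, client addresses and request bytes are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple

# Constructed policy: the only application behaviour this gateway will relay.
ALLOWED_METHODS = {"GET", "HEAD"}
ALLOWED_HOSTS = {"www.example.com", "docs.example.com"}

@dataclass
class ParsedRequest:
    method: str
    target: str
    version: str
    headers: Dict[str, str]

def parse_http_request(raw: bytes) -> ParsedRequest:
    """Parse the request line and headers; a proxy cannot relay what it cannot parse."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        raise ValueError("malformed request line")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if not sep or not name.strip():
            raise ValueError("malformed header line")
        headers[name.strip().lower()] = value.strip()
    return ParsedRequest(parts[0], parts[1], parts[2], headers)

@dataclass
class HttpApplicationGateway:
    # Every decision is logged: (client address, request summary, verdict).
    audit: List[Tuple[str, str, str]] = field(default_factory=list)

    def decide(self, client_ip: str, raw: bytes) -> str:
        """Return "permit" if the request may be relayed to the destination, else "deny"."""
        try:
            req = parse_http_request(raw)
        except ValueError as err:
            self.audit.append((client_ip, "<unparseable>", f"deny: {err}"))
            return "deny"
        host = req.headers.get("host", "")
        if req.method not in ALLOWED_METHODS:
            verdict = "deny: method not allowed"
        elif host not in ALLOWED_HOSTS:
            verdict = "deny: host not allowed"
        else:
            verdict = "permit"
        self.audit.append((client_ip, f"{req.method} {host}{req.target}", verdict))
        return verdict.split(":")[0]
```

Note that the gateway never looks at IP addresses or ports of the outside server; the whole decision is made from application-layer content, which is exactly why it only has to understand the handful of protocols it relays, and why each connection costs a full parse.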
4. Circuit Level Gateway
This can be a stand-alone system or it can be a specialized function performed by an application-level gateway for certain. A circuit-level gateway does not permit an end-to-end TCP connection; rather, the gateway sets up two TCP connections:
- between itself and a TCP user on an inner host;
- between itself and a TCP user on an outside host.
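The two-connection structure just described, as an added example that is not part of the original text. The gateway accepts a TCP connection from the inner host, opens its own second TCP connection to the outside host, and copies bytes between the two. The outside host in the demonstration is a constructed uppercasing echo server on the loopback interface, and the returned addresses show that the outside host only ever talks to the gateway's socket, not the inner client's.

```python
import socket
import threading

def pump(src: socket.socket, dst: socket.socket) -> None:
    """Copy bytes from one TCP connection to the other until the sender closes its side."""
    try:
        while True:
            data = src.recv(4096)
            if not data:
                break
            dst.sendall(data)
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)  # pass the end-of-stream on to the other circuit
        except OSError:
            pass

def gateway_handle(inside_conn: socket.socket, outside_addr, log: list) -> None:
    """Circuit-level relay: connection 1 is the accepted inner host, connection 2 is
    opened by the gateway itself. No TCP segment ever travels end to end."""
    outside_conn = socket.create_connection(outside_addr)
    log.append(("outbound-circuit", outside_conn.getsockname()))
    workers = [
        threading.Thread(target=pump, args=(inside_conn, outside_conn)),
        threading.Thread(target=pump, args=(outside_conn, inside_conn)),
    ]
    for w in workers:
        w.start()
    for w in workers:
        w.join()
    inside_conn.close()
    outside_conn.close()

def listen_local() -> socket.socket:
    """Listening socket on 127.0.0.1 with an OS-assigned port (constructed test setup)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    s.listen(1)
    return s

def read_all(conn: socket.socket) -> bytes:
    chunks = []
    while True:
        chunk = conn.recv(4096)
        if not chunk:
            return b"".join(chunks)
        chunks.append(chunk)

def demo_exchange(payload: bytes) -> dict:
    """Run one circuit through the gateway and report who talked to whom."""
    outside_srv = listen_local()   # plays the outside host
    gateway_srv = listen_local()   # the circuit-level gateway's listening side
    seen = {}
    log = []

    def outside_host():
        conn, peer = outside_srv.accept()
        seen["peer"] = peer                  # address the outside host actually sees
        conn.sendall(read_all(conn).upper())
        conn.close()

    def gateway():
        conn, _ = gateway_srv.accept()
        gateway_handle(conn, outside_srv.getsockname(), log)

    threads = [threading.Thread(target=outside_host), threading.Thread(target=gateway)]
    for t in threads:
        t.start()

    client = socket.create_connection(gateway_srv.getsockname())  # the inner host
    client_addr = client.getsockname()
    client.sendall(payload)
    client.shutdown(socket.SHUT_WR)
    reply = read_all(client)
    client.close()
    for t in threads:
        t.join()
    outside_srv.close()
    gateway_srv.close()
    return {
        "reply": reply,
        "outside_saw": seen["peer"],
        "gateway_socket": log[0][1],
        "client_socket": client_addr,
    }

if __name__ == "__main__":
    print(demo_exchange(b"hello"))
```

Because the outside host's peer is the gateway's own socket, the gateway can apply its policy when the inner user asks for the circuit and then relay without examining contents, which is what makes this cheaper than an application-level gateway and why it is typically used where the internal users are trusted.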