Firewall

  • A firewall is a network security system, either hardware- or software-based, that controls incoming and outgoing network traffic based on a set of rules.
  • It acts as a barrier between a trusted network and other untrusted networks such as the internet.


Types of Firewalls:

1. Packet Firewall:
  • It is also called a network layer firewall.
  • It operates at a relatively low level of the TCP/IP protocol stack.
  • It works mainly on the first 3 layers of the OSI model.
  • Packet firewalls generally fall into 2 categories.


Stateful Firewalls:
  • It maintains context about active sessions and uses that state information to speed up packet processing.
  • Any existing network connection can be described by several properties, including source and destination IP address and UDP or TCP ports.
  • If a packet matches an existing connection based on comparison with the firewall's state table, it is allowed to pass without further processing.
  • If a packet doesn't match an existing connection, it is evaluated according to the rule set for new connections.


Stateless Firewalls:
  • It requires less memory and is faster for simple filters that require less time to filter than to look up a session.
  • It is necessary for filtering stateless network protocols that have no concept of a session.
  • It cannot make more complex decisions based on what stage the communication between hosts has reached.
  • It is commonly used as a packet filter on various versions of Unix.


Stateful vs Stateless Firewalls:
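
The difference described in the two lists above, as an added example that is not part of the original notes: a stateless filter judges every packet alone, while a stateful filter checks its state table first and applies the rule set only to new connections. The 10.0.0.0/8 inside network, the port 443 rule and the sample packets are assumptions constructed for illustration.

```python
from collections import namedtuple
from ipaddress import ip_address, ip_network

Packet = namedtuple("Packet", "src sport dst dport proto flags")
INSIDE = ip_network("10.0.0.0/8")  # assumed trusted network

def inside(addr):
    return ip_address(addr) in INSIDE

def rule_allows_new(p):
    """Rule set for new connections: inside hosts may open TCP sessions to port 443."""
    return inside(p.src) and p.proto == "tcp" and p.dport == 443 and p.flags == "SYN"

def stateless_filter(p):
    """Judges each packet alone, so replies need a static 'from port 443' rule."""
    outbound = inside(p.src) and p.proto == "tcp" and p.dport == 443
    reply_shaped = inside(p.dst) and p.proto == "tcp" and p.sport == 443
    return "allow" if outbound or reply_shaped else "drop"

class StatefulFilter:
    def __init__(self):
        self.state_table = set()

    @staticmethod
    def key(p):
        # Same key for both directions of one connection.
        return (p.proto, *sorted([(p.src, p.sport), (p.dst, p.dport)]))

    def check(self, p):
        k = self.key(p)
        if k in self.state_table:            # existing connection: skip the rule set
            if p.flags == "RST":
                self.state_table.discard(k)  # simplified teardown
            return "allow (state match)"
        if rule_allows_new(p):               # no match: evaluate as a new connection
            self.state_table.add(k)
            return "allow (new connection)"
        return "drop"

# Constructed sample traffic (documentation address ranges).
PACKETS = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "tcp", "SYN"),
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "tcp", "SYN-ACK"),
    Packet("198.51.100.7", 443, "10.0.0.9", 40000, "tcp", "ACK"),  # unsolicited
]

def compare(packets):
    fw = StatefulFilter()
    return [(stateless_filter(p), fw.check(p)) for p in packets]
```

The third packet belongs to no session: the stateless filter passes it because it merely looks like a reply, while the stateful filter finds no state table entry and drops it under the new-connection rules.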


2. Application Layer Firewalls:
  • It enables the firewall to inspect and filter packets on any OSI layer up to the application layer.
  • Application layer filtering is the ability to block specific content, such as known malware or certain websites, and to recognize when certain applications and protocols such as HTTP, FTP, and DNS are being misused.


3. Proxy Firewalls:
  • Firewall proxy servers also operate at the firewall's application layer and act as an intermediary for requests from one network to another for a specific network application.
  • A proxy firewall prevents direct connections between the two sides of the firewall.
  • Both sides are forced to conduct the session through the proxy.
  • The proxy can block or allow traffic based on its rule set.
  • The firewall will support internet applications, such as an HTTP proxy for web services.


Advantages:
  • Provides security to the internet and intranet.
  • Insiders are no longer trusted.
  • Multiple access points.

Disadvantages:

  • Traditional firewalls use a restricted topology of the network.
  • They do not protect networks from internal attacks.
  • FTP and RealAudio protocols are difficult for firewalls to process.
