We can understand firewalls as networked security devices. The central purpose of a firewall device is to inspect both incoming and outgoing traffic and decide which to block according to a particular set of rules or policies.
Firewalls can operate in a stateless or stateful manner. Stateless firewalls do not keep any information regarding the connections between clients and servers, inspecting each packet independently. Stateful firewalls, in turn, keep track of the connections, thus monitoring their stages and identifying unusual and potentially malicious behavior on them.
3 Types of Firewalls
Packet filter firewall
Packet filter firewalls employ a set of rules applied to the incoming network traffic. If a packet does not violate any rule, the firewall forwards it to the next destination; otherwise, the firewall discards it immediately.
...
Most of the rules are based on the protocols’ headers encapsulating the packets and on the information provided by them. For example, we can define specific rules for blocking particular IP addresses (source or destination), ports (in the transport layer), or even protocols (ICMP, IP, TCP, UDP, among others).
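The header-based rules and the stateless/stateful distinction described above, as an added example (not code from the original page): a simplified Python model in which the rule set, the addresses, and the `Packet`, `Rule`, `stateless_verdict` and `StatefulFilter` names are all constructed for illustration. It assumes a default-deny policy and tracks only the client-to-server half of the TCP handshake.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:                  # constructed, simplified header fields
    src: str
    dst: str
    proto: str                 # "TCP", "UDP" or "ICMP"
    sport: int = 0
    dport: int = 0
    flags: str = ""            # TCP flags: "S" = SYN, "A" = ACK

@dataclass(frozen=True)
class Rule:
    action: str                # "allow" or "drop"
    src: str = "0.0.0.0/0"     # source network; default matches any IPv4 source
    proto: str = "*"           # "*" matches any protocol
    dport: int = 0             # 0 matches any destination port
    def matches(self, p):
        return (ip_address(p.src) in ip_network(self.src)
                and self.proto in ("*", p.proto) and self.dport in (0, p.dport))

RULES = [                      # constructed policy using documentation addresses
    Rule("drop", src="203.0.113.0/24"),
    Rule("drop", proto="ICMP"),
    Rule("allow", proto="TCP", dport=80),
]

def stateless_verdict(p, rules=RULES):
    """First matching rule wins; a packet matching no rule is dropped."""
    for rule in rules:
        if rule.matches(p):
            return rule.action
    return "drop"

class StatefulFilter:
    """Same rules, plus a table of client-to-server TCP connections."""
    def __init__(self, rules=RULES):
        self.rules, self.conns = rules, {}
    def verdict(self, p):
        if stateless_verdict(p, self.rules) == "drop":
            return "drop"
        if p.proto != "TCP":
            return "allow"
        key = (p.src, p.sport, p.dst, p.dport)
        if p.flags == "S" and key not in self.conns:
            self.conns[key] = "SYN_SEEN"       # connection attempt recorded
            return "allow"
        if p.flags == "A" and key in self.conns:
            self.conns[key] = "ESTABLISHED"
            return "allow"
        return "drop"                          # e.g. an ACK with no prior SYN
```

An ACK to port 80 with no earlier SYN passes `stateless_verdict` because the headers alone satisfy the allow rule, while `StatefulFilter.verdict` drops it because no connection entry exists for it.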
Application-level firewall
Application-level firewalls work by intermediating the data exchange between two entities, catching requests and responses. This firewall type is also known as a proxy firewall or application-level gateway.
...
In practice, application-level firewalls establish connections with both clients and servers, intermediating their communication. To do that, these firewalls typically work with several TCP-based protocols, such as FTP, HTTP, SMTP, and Telnet.
Circuit-level firewall
Also known as circuit-level gateways, these firewalls establish connections between entities trying to communicate. In this aspect, circuit-level firewalls operate similarly to application-level firewalls. A circuit-level firewall first verifies how the SYN and ACK message exchanges occur between the entities trying to connect. The firewall then aborts a connection if it notes something wrong with these messages, as in a SYN flood attack.
...