The firewall category includes proxy firewalls; however, because of a proxy’s varied functions it seems appropriate to give them their own subsection. Firewalls are most commonly broken down into the following main categories:
- Packet filtering
- Stateful packet filtering
- Application proxies, which we covered earlier
Packet filtering firewalls look at the header information of the packets to determine legitimate traffic. Rules such as IP addresses and ports are used from the header to determine whether to allow or deny the packet entry. Stateful firewalls, on the other hand, determine the legitimacy of traffic based on the state of the connection from which the traffic originated. For example, if a legitimate connection has been established between a client machine and a web server, then the stateful firewall refers to its state table to verify that traffic originating from within that connection is vetted and legitimate.