Types of Firewall Filters

Firewalls work by inspecting and filtering packet traffic between two networks. Firewalls are categorized according to the layer of the Open System Interconnection (OSI) model that they inspect. Most firewalls are packet filters, meaning they work at the network layer of the OSI model and make logic decisions based on the packet's IP addresses (source and destination), IP port numbers, and whether the packet is in UDP or TCP format. Circuit-layer firewalls work at the transport layer of the OSI model and inspect host-session information. Circuit-layer firewalls can block packets based on the host name and other IP session information such as flags and sequencing numbers. Most network firewalls have packet- and circuit-layer abilities. Application-layer firewalls jump to the top of the OSI model and filter packets based on the data within the network frame. Application-layer firewalls are good at stopping Denial of Service (DoS) and buffer-overflow attacks when the data itself is used to initiate the exploit.