The technology has progressed since the dawn of the Internet. You can buy fine devices, and you can build them using free
software. When you pay for a firewall, you may get more sophisticated interfaces or more advanced
application-level filtering.
You may also get customer support, which is not available for the roll-your-own varieties of firewalls
1) When an internal node indicates a TCP/IP connection through a proxy server, the proxy server receives the request and checks it against a set of configurable filters.
2) If the internal node is making an authorized request, the proxy server will initiate a TCP/IP connection with the remote server. The proxy server will then act as the requesting client, completely isolating the internal node from the remote server.
3) The server will generate TCP/IP responses based on the request sent from the proxy server. The responses will be sent to the proxy server, where they will again be checked against the proxy server's filters.
4) If the remote server's response are permitted, the proxy server will then forward the response to the internal mode.