Most firewall systems today are combinations of
- Packet filter: A type of firewall devices that process network traffic on a packet-by-packet basis. Packet filter devices allow or block packets, and are typically implemented through standard routers.
- Circuit-level gateway: Circuit-level gateways are similar to packet filters. The main advantage of circuit-level gateways is their ability to provide network address translation.
- Application-level gateway: Application gateways function at all four layers of the TCP/IP suite.
They are typically implemented through software installed on a specialized server. Application gateways are sometimes known as proxy servers.
A simple rule of thumb is, the more sensitive the data, the more extensive the firewall strategy should be.