There are three main types of firewalls used on corporate networks: Packet Filtering Firewalls, Application Level Firewalls, and Stateful Multilayer Inspection Firewalls. Circuit Level Firewalls also exist, but they are not commonly used; they work at the session layer. Each of these types has certain advantages and disadvantages. Which one you need depends on your specific environment, the level of risk you are comfortable with given your budget and/or business constraints, and the speed your users and business are comfortable with. Implementing a very high security firewall that does extensive analysis of each incoming and outgoing packet will probably require a much faster pipe, which means additional costs.
Let's start with Packet Filtering Firewalls, which are common on very small networks. They filter based on rules, or ACLs. These ACLs (access control lists) are defined based on IP address, protocol type or other characteristics of the TCP/IP packet on ingress or egress to the internet. Their main advantage is speed: they carry very light overhead. The main disadvantage is that they do not support complex rules. They also work only at the network layer of the OSI model, so they cannot block or allow traffic based on application type.
Application Level Firewalls filter based on specific applications. They operate at layer 7 of the OSI model and can work well in many networks. For example, say you wanted to block Facebook or Dropbox. On other types of firewalls this would be difficult, as these applications use many different ports, many of which may not even be documented. Blocking traffic at the application level then becomes useful.
Stateful Multilayer Inspection Firewalls combine the above types of firewalls. They can filter packets based on rules or ACLs, or on the type of application, and they can also make decisions to forward or block packets based on the TCP/IP session traffic. Their major disadvantage is the cost associated with them.
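To make the difference between ACL-only packet filtering and session-based decisions concrete, here is an added example (not from the original article) that runs the same constructed ACL through a stateless filter and a session-tracking filter. The rule format, the function and class names, and the addresses (documentation ranges) are assumptions, and the session tracking is a simplified model that ignores TCP flags and timeouts.

```python
from ipaddress import ip_address, ip_network

# Constructed ACL: first matching rule wins, implicit deny at the end.
# Fields: action, direction, protocol, remote network, remote port (None = any).
ACL = [
    ("permit", "out", "tcp", "0.0.0.0/0", 443),  # users may browse HTTPS
    ("permit", "in", "tcp", "0.0.0.0/0", 443),   # a stateless filter needs this for replies
    ("deny", "in", "tcp", "0.0.0.0/0", None),
]

def packet_filter(pkt, acl=ACL):
    """Stateless check: looks only at the header fields of this one packet."""
    for action, direction, proto, net, port in acl:
        if (pkt["dir"] == direction and pkt["proto"] == proto
                and ip_address(pkt["remote_ip"]) in ip_network(net)
                and port in (None, pkt["remote_port"])):
            return action
    return "deny"

class StatefulFilter:
    """Applies the ACL to outbound packets and remembers the sessions they open.
    Inbound packets are forwarded only if they belong to a remembered session."""

    def __init__(self, acl=ACL):
        self.acl = acl
        self.sessions = set()

    def check(self, pkt):
        key = (pkt["proto"], pkt["local_ip"], pkt["local_port"],
               pkt["remote_ip"], pkt["remote_port"])
        if pkt["dir"] == "out":
            verdict = packet_filter(pkt, self.acl)
            if verdict == "permit":
                self.sessions.add(key)
            return verdict
        return "permit" if key in self.sessions else "deny"

def make_packet(direction, local_port, remote_ip, remote_port):
    """Build a constructed sample packet for an internal host at 192.0.2.10."""
    return {"dir": direction, "proto": "tcp", "local_ip": "192.0.2.10",
            "local_port": local_port, "remote_ip": remote_ip,
            "remote_port": remote_port}

# Constructed traffic: a request, its reply, and an inbound packet no one asked for.
OUTBOUND = make_packet("out", 50000, "198.51.100.7", 443)
REPLY = make_packet("in", 50000, "198.51.100.7", 443)
UNSOLICITED = make_packet("in", 8080, "203.0.113.9", 443)
```

The stateless filter permits all three packets because the unsolicited one matches the same header rule as a genuine reply, while the session-tracking filter permits the reply only after it has seen the matching outbound request and denies the unsolicited packet.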