Firewalls are software- or hardware-based security components that divide computer networks into two logical segments: an unsecured side that remains exposed to computer users from the outside world, typically to provide access to Web servers or other such public parts of a network; and a second, secure side that's off-limits to intruders yet remains accessible to authorized users.
Firewalls give authorized LAN users freedom to dial into or out of a network to use e-mail, to access the Internet, or to make remote-access connections into a central LAN from a remote computer (for telecommuters dialing in from home or dialing up a central office network from a branch site). They enable system managers to provide the far-reaching, flexible access that customers (both internal and external to a network) demand, while at the same time limiting a network's exposure to interlopers, whether malicious or accidental.
There are three types of firewalls: packet filters, application servers, and circuit-level gateways.
Packet filters are hardware firewalls (implemented in bridges or routers) that examine the source or destination address of a data packet to determine whether it should be forwarded to the next segment of a network.
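The address check described above, sketched as an added example that is not part of the original article. The first-match rule order, the default-deny fallback, the `Rule` and `decide` names and every address are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str  # "forward" or "drop"
    src: str     # source network, CIDR notation
    dst: str     # destination network, CIDR notation


# Constructed rule table, evaluated top to bottom (first match wins).
RULES = [
    Rule("drop",    "203.0.113.0/24", "0.0.0.0/0"),         # blocked outside range
    Rule("forward", "0.0.0.0/0",      "198.51.100.10/32"),  # public Web server
    Rule("forward", "192.0.2.0/24",   "10.0.0.0/8"),        # branch site into the LAN
]


def decide(src_ip, dst_ip, rules=RULES):
    """Return the action of the first rule matching both addresses."""
    try:
        src = ipaddress.ip_address(src_ip)
        dst = ipaddress.ip_address(dst_ip)
    except ValueError:
        return "drop"  # malformed address: fail closed
    for rule in rules:
        if (src in ipaddress.ip_network(rule.src)
                and dst in ipaddress.ip_network(rule.dst)):
            return rule.action
    return "drop"  # nothing matched: default deny protects the secure side


if __name__ == "__main__":
    # Constructed sample packets: (source, destination)
    packets = [
        ("8.8.8.8", "198.51.100.10"),      # outsider to the public Web server
        ("203.0.113.7", "198.51.100.10"),  # blocked range, even to the Web server
        ("192.0.2.44", "10.1.2.3"),        # branch site to an internal host
        ("8.8.8.8", "10.1.2.3"),           # outsider to an internal host
    ]
    for src, dst in packets:
        print(f"{src:>15} -> {dst:<15} {decide(src, dst)}")
```

Because only addresses are inspected, rule order matters: moving the Web server rule above the blocked range would forward traffic the table is meant to drop.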
Application servers are software firewalls that exist only to support particular applications (such as e-mail or a Web server) and grant access to such services according to guidelines set by the system manager who configures the application.
Software-based circuit-level gateways fall somewhere between the other two types of firewalls. They don’t actually host network services like application servers do; rather, they grant access to such services based on the unique identity of the network port through which the request for service is received—like a packet filter routing data