A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications.Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet.
Packet filtering firewalls work on the first three layers of the OSI reference model. A packet originates from the sender and filters through a firewall will checks for matches to any of the packet filtering rules that are configured in the firewall Finally, it drops or rejects the packet accordingly.However, pure packet filters are stateless - they have no memory of previous packets ,which makes them vulnerable to spoofing attacks.IP spoofing refers to the creation of Internet Protocol (IP) packets with a forged source IP address.
Application layer firewall works on all seven layers of the OSI reference model, from the application down to the physical Layer.
This is similar to a packet filter firewall but here we can also filter information on the basis of content.
An application firewall can filter higher-layer protocols such as FTP, Telnet, DNS, DHCP, HTTP, TCP, UDP and TFTP .This application based firewalls are thus much slower than stateful firewalls and packet filtering.
Third-generation firewalls, in addition to what first- and second-generation look for, regard placement of each individual packet within the packet series as it maintains records of all connections passing through the firewall and is able to determine whether a packet is the start of a new connection, a part of an existing connection, or is an invalid packet.