Application-Level Firewalls
Acts as an intermediate host computer (between outside clients and internal servers)
- Forces anyone to login to this firewall and allows access only to authorized applications (e.g., Web site access)
- Separates a private network from the rest of the Internet
- Hides individual computers on the network behind the firewall
Some prohibits external users downloading executable files
- Software modifications done via physical access
Requires more processing power than packet filters which can impact network performance
- Because of the increased complexity of what they do