Firewall Hardware Key Terms

Understand key terms used in firewall hardware

Firewalls provide security to all users on a network. They are available as software -- that run on servers -- or hardware -- like a server or appliance. If you've chosen to use firewall hardware, there are many products and technologies to choose from. Understanding some of the key terms of firewall hardware can help you to understand firewall capabilities and choose a secure solution for your enterprise.

Network level firewall

Network level firewalls are often built into routers and other network appliances. They can provide protection for four or more computers on a network, but usually don't offer customized configuration options and lack advanced security features.


A VPN, short for Virtual Private Network, allows remote offices and telecommuting employees to connect to a private network and share the same capabilities they would in the office. Since VPNs can cause security issues, a company running a VPN must have a firewall in place to control security and manage VPN services. Some VPN routers and appliances have built-in firewall protection.

Firewall appliance

A firewall appliance is a piece of hardware that provides dedicated firewall protection. Unlike a firewall server, an appliance has its own operating system and hardware.

Packet filtering

Packet filtering is a basic service provided by firewalls. Rules are created to regulate traffic to your network. If the packet does not match acceptable traffic rules based on criteria like IP address, protocol or port, the packet is not accepted.

Stateful inspection

Stateful inspection is a technology that provides more advanced security and flexibility than packet filtering. Packets are analyzed in more detail, rather than just checking the packet header.

Proxy server

Some firewalls use a proxy server, sometimes called an application gateway. This is the most secure and complex type of firewall. With this method, each Internet application accessed from the network is processed from an internal proxy before moving outside the network.

Find Pre-Screened Vendors

Compare quotes and save: