There are three primary components (or aspects) for firewall systems, those being
The last item may range in capability, from creating log entries for excessive login attempts to notification of operators via e-mail or pagers to intrusion/detection systems that build user profiles and raise alarms when out-of-bound behavior occurs.
Up until now, the term ``firewall'' has been used here somewhat loosely, since firewall systems can range greatly in how well they implement the above components. The most common type of firewall is simply a router that has the capability to filter TCP/IP packets based on information fields in each packet. Less common but more secure are systems that include packet filtering as well as logging and application gateways for telnet, ftp, or e-mail. These firewalls may actually be a collection of systems such as a router, an application gateway system, and a system for logging. Also found are firewall systems that simply block all traffic, thus completely cutting off network access except for those users with accounts on the firewall system. However, since packet filtering capability appears to be the common component in most firewall systems, the following paragraphs go into more detail on packet filtering than the other components.