Firewall
•Anything not allowed by an explicit rule is denied.
•Most of the rules are defined by the administrator.
•Default connection tracking mode is normal (Does not allow asymmetry, does not allow connections that are not seen from the beginning)
•If it is unclear whether something should be allowed, it is not allowed.
•Operates mainly with IP addresses and ports. (URL filtering, Application detection and other features can extend the operation to include the payload.)
•Usually fail-closed