The first firewall, known as the first generation, was deployed around 1990. This was the very first concept of a device created to protect users from threats on the internet. The initial device had a set of rules that controlled outside access to the company's internal network. First-generation firewalls were only capable of filtering packets and silently dropping the ones disallowed by an internal firewall rule. When a packet arrived, the firewall first analyzed the destination address, the port and the protocol being used in the transmission. As you may guess, this was very limited: the firewall either dropped too much or didn't drop enough, so it could not be very specific.

Within less than a year the second-generation firewall was rolled out. It was able to do stateful packet inspection and thus track the state of a connection. A stateful firewall operated at the OSI Network and Transport layers and maintained an array in memory of each specific connection state. Furthermore, it tracked both devices' IP addresses and the port number each device was using for communication. However, a second-generation firewall was not capable of tracking communication between devices if they both used non-standard ports. This iteration was able to track basic TCP, UDP, e-mail, FTP and web traffic on standard ports only.