<P> This type of firewall is potentially vulnerable to denial - of - service attacks that bombard the firewall with fake connections in an attempt to overwhelm the firewall by filling its connection state memory . </P> <P> Marcus Ranum, Wei Xu, and Peter Churchyard developed an application firewall known as Firewall Toolkit (FWTK). In June 1994, Wei Xu extended the FWTK with the kernel enhancement of IP filter and socket transparent . This was known as the first transparent application firewall, released as a commercial product of Gauntlet firewall at Trusted Information Systems . Gauntlet firewall was rated one of the top firewalls during 1995--1998 . </P> <P> The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol (FTP), Domain Name System (DNS), or Hypertext Transfer Protocol (HTTP)). This is useful as it is able to detect if an unwanted application or service is attempting to bypass the firewall using a protocol on an allowed port, or detect if a protocol is being abused in any harmful way . </P> <P> As of 2012, the so - called next - generation firewall (NGFW) is nothing more than the "wider" or "deeper" inspection at the application layer . For example, the existing deep packet inspection functionality of modern firewalls can be extended to include: </P>

What is firewall and write the types of firewall