It operates by monitoring and blocking communications based on a configured policy, generally with predefined rule sets to choose from.
Marcus Ranum's work, based on the firewall created by Paul Vixie, Brian Reid, and Jeff Mogul, spearheaded the creation of the first commercial product.
Under a broader DARPA contract at TIS, Marcus Ranum, Wei Xu, and Peter Churchyard developed the Firewall Toolkit (FWTK) and made it freely available under license in October 1993.
In 1994, Wei Xu extended the FWTK with the kernel enhancement of an IP stateful filter and socket transparency.
[2] Stickley discovered a second vulnerability a year later, effectively ending Gauntlet firewalls' security dominance.
This allows packet decisions to be based on more than just source/destination IP addresses or ports, and they can also use information spanning multiple connections for any given host.
[6] Due to technological limitations, modern solutions such as sandboxing are being used as a replacement for host-based application firewalls to protect system processes.