Application Level Firewalls
Application level firewalls generally run only on proxy servers, which
can perform extensive logging and elaborate auditing of all the
network traffic to or from the internal network. They can also be used
as network address translators, since traffic passes from one side to
the other only after having passed through an application that
effectively masks the origin of the initiating connection. On the other
hand, having an application in the way hampers performance and makes
the firewall less transparent.
Overall, they seem to be able to provide the security administrator with
more detailed audit reports, and are able to implement and enforce
more conservative and complex security models than network level
firewalls.
Circuit Level Firewalls
Circuit level firewalls have much the same design and thus the same
properties as application level gateways, but they work on a lower
layer: the transport layer. They basically relay TCP connections.
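
An added illustration (not from the original post) of the circuit-level behaviour described above: the relay makes one allow/deny decision per TCP connection, logs it, then copies bytes without inspecting them, so the destination sees the relay as the origin. The names `pipe`, `handle`, `start_relay`, `AUDIT` and the loopback backend in `demo` are constructed for this example.

```python
import socket
import threading

AUDIT = []  # relay's audit trail: (client_addr, destination, verdict, relay_source_addr)

def pipe(src, dst):
    """Copy bytes one way until EOF, then half-close the receiving side."""
    try:
        while data := src.recv(4096):
            dst.sendall(data)
        dst.shutdown(socket.SHUT_WR)
    except OSError:
        pass

def handle(client, client_addr, dest, allowed):
    """One policy decision per connection, then a blind relay (payload is never parsed)."""
    with client:
        if dest not in allowed:
            AUDIT.append((client_addr, dest, "deny", None))
            return
        with socket.create_connection(dest) as upstream:  # second connection, sourced by the relay
            AUDIT.append((client_addr, dest, "allow", upstream.getsockname()))
            back = threading.Thread(target=pipe, args=(upstream, client), daemon=True)
            back.start()
            pipe(client, upstream)
            back.join()

def start_relay(dest, allowed):
    """Listen on an ephemeral loopback port and relay each accepted connection to dest."""
    srv = socket.create_server(("127.0.0.1", 0))
    def accept_loop():
        while True:
            conn, addr = srv.accept()
            threading.Thread(target=handle, args=(conn, addr, dest, allowed), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv.getsockname()

def demo():
    """Constructed scenario: a loopback backend that reports the peer address it sees."""
    backend = socket.create_server(("127.0.0.1", 0))
    def serve():
        conn, peer = backend.accept()
        with conn:
            conn.sendall(f"{peer[0]}:{peer[1]}".encode())
    threading.Thread(target=serve, daemon=True).start()
    dest = backend.getsockname()
    with socket.create_connection(start_relay(dest, {dest})) as c:
        client_addr, seen = c.getsockname(), c.recv(64).decode()
    with socket.create_connection(start_relay(dest, set())) as c:
        return client_addr, seen, c.recv(1) == b""  # denied: closed with no data
```

The true client address appears only in the relay's audit trail, while the backend's view of the origin is the relay's own outbound socket.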