device within a network responsible for determining what traffic is allowed to enter and exit. Operate at layers 3 and 4 of the OSI model (technically also on layer 2 but we see through those ;) ). Firewalls can be dedicated pieces of hardware or even software (think Snort). These firewalls can be categorized into 2 to 5 types. The main 2 types are Stateless and Stateful. Stateful firewalls use the entirety of infomration from a connection rather than inspecting a single packet. This type of firewall determines behavior of a device based on the entire connection. A Stateless firewall will use static rule sets to determine if **individual packets** are acceptable or not. An example being if a device sends a bad packet it does not necessarily mean the entire device will be blocked. These firewalls are only as good as their rule sets and if something does not match the established rules then it just continues unbothered, (considered "dumb" due to its simplicity) yet this means that stateless firewalls also use up less resources. Great at stopping DDOS attacks.