Traditionally, network firewalls have been deployed and used to filter traffic passing through them. These firewalls usually examine the upper-layer headers (Layer 3 or above) and, occasionally, the data payload in the packets. The packets are then either allowed or dropped based on the configured access control lists (ACLs). These firewalls, commonly referred to as routed firewalls, segregate protected networks from unprotected ones by acting as an extra hop in the network design. They route packets from one IP subnet to another subnet by using the Layer 3 routing ...