System administrators have found it increasingly hard to protect their computer systems as the number of computers connected to networks has grown. This chapter discusses the purpose and design of security gateways and firewalls, which have seen a recent rise in popularity. The purpose of a network firewall is to provide a shell around the network which will protect the machines on the network from various threats. In the case of a firewall gateway, it also provides a filtering service which limits the types of information that can be passed to or from hosts located on the internal network. There are three basic techniques used for firewalls: packet filtering, circuit gateways, and application gateways. Circuit-level gateways simply relay network traffic between two hosts connected via a network's virtual circuit. Application-level gateways usually operate at a user level rather than the lower protocol level common to the other firewall techniques.