This is what they actually do: Examine each part of a message and determine whether to let it pass. Examine the source address, the destination address, and other data. Can prohibit outsiders from starting a session with any user behind the firewall. Disallow traffic from particular sites, such as known hacker addresses. Can prohibit traffic from legitimate, but unwanted addresses, such as competitor's computers. Keep employees from accessing specific sites, such as competitor sites, sites with pornographic material, or popular news sites.