A '''circuit-level gateway''' is a type of [[Firewall (networking)|firewall]].
Circuit-level gateways work at the transport[[session layer]] of the [[OSI model]], or as a "shim-layer" between the [[application layer]] and the [[transport layer]] of the [[TCP/IP]] stack. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit-level gateway appears to have originated from the gateway. Circuit-level firewall applications represent the technology of next to first generation. Firewall technology supervises TCP handshaking among packets to confirm a session is genuine. Firewall traffic is clean based on particular session rules and may be controlled to acknowledged computers only. Circuit-level firewalls conceal the network itself from the external, which is helpful for interdicting access to impostors. But circuit-level firewalls do not clean entity packets. This is useful for hiding information about protected networks. Circuit-level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.
