In this setup network router acts as a firewall. It checks all incoming and outgoing packets according to the predefined rules. This filter is placed at the connecting point to the external network. Clients on local network and on the Internet are allowed to communicate directly but their communication is restricted to the type allowed by the router. As router is needed for connecting to the Internet so this firewall is almost free .
• Cheapest, simple and transparent • Router could be replaced with some intelligent system to provide better access control
• Requires complex filtering rules and hence error-prone• Fine grained access control is near impossible• Cannot add authentication system• If router is compromised somehow then security is at risk