Understanding the 'Firewall' features, before going deeper I will explain a few important points.
The firewall that is meant here is WAF (Web Application Firewall), which is a filter arrangement that functions to filter, monitor and block data originating from a client to a webserver or application.
- Hidden field manipulation
- Cookie poisoning
- Parameter tampering
- Buffer overflow
- Cross Site Scripting (XSS)
- Backdoor or Debug options
- Stealth commanding
- Forced browsing
- Third party misconfigurations
- Known vulnerabilities, and many more such as SQL Injection, LFI, RFI, RCE, etc