There are four common firewall architectures: packet filtering routers, screened host firewalls, dual-homed firewalls, and screened subnet firewalls. Screened subnet firewalls are the most complex but provide the highest level of security. They use a demilitarized zone (DMZ) to separate external-facing servers from internal networks and limit access between the different zones.