Stateful inspection is the easy answer to what is the difference between a firewall and access control list.

Access lists (ACLs) define interesting traffic. An ACL specifies network addresses and optionally port numbers, or destinations. The interesting traffic is then acted on by processes such as QoS, routing, interface filtering, etc.

The term firewall is not really a technical term as much as it is a marketing or conceptual term. A firewall assumes an unprotected outside network and protected inside network. Early firewalls monitored transport protocol connection establishment and messages by keeping temporary tables in memory, enabling them to monitor the state of connections. Later firewalls performed deep packet inspection meaning the firewall was aware of the expected behavior of various applications traffic. Then next generation firewalls added application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence¹.

¹What Is a Next-Generation Firewall?

Stateful inspection is the easy answer to what is the difference between a firewall and access control list.

Access lists (ACLs) define interesting traffic. An ACL specifies network addresses and optionally port numbers, or destinations. The interesting traffic is then acted on by processes such as QoS, routing, interface filtering, etc.

The term firewall is not really a technical term as much as it is a marketing or conceptual term. A firewall assumes an unprotected outside network and protected inside network. Early firewalls recorded transport protocol messages in temporary tables (in memory) enabling them to monitor the state of connections. Later firewalls performed deep packet inspection meaning the firewall was aware of the expected behavior of various applications traffic. Then next generation firewalls added application awareness and control, integrated intrusion prevention, and cloud-delivered threat intelligence¹.

¹What Is a Next-Generation Firewall?