Good practice in information infrastructure security requires a multifaceted approach. In the majority of cases, the firewall represents the first line of defence. The thesis discusses diverse types of firewalls, as well as advantages and disadvantages of diverse technological approaches. Increasingly more sophisticated threats have promoted the development of advanced security systems together with their integration into present day firewalls. A detailed description of a next generation firewall and its most important functions is, therefore, given. When securing computer networks the user himself with his devices represents the biggest threat to its vulnerability. An example of a hypothetical client, therefore, introduces the concept of the next generation firewall use. In reference to the needs of the client, the traffic and application analysis is introduced. The analysis serves as a basis for both implementation plan and the execution of a secure user internet access. The main goal of the thesis is to present the user and the application as the cornerstones of access policy.