A firewall is described that is integrated in an input stage of a packet processing pipeline so that it recognizes and has access to internal information regarding the different services, such as conduit, intranet, Internet, local vs WAN, applications, and security zones, of a communication network, such as an adaptive private network (APN). The integrated firewall is able to dynamically access the service type, respond to the service type, and adjust the service type based on conditions in the network. Since application awareness and security functions are integrated, customers can set security policies on software applications. The integrated firewall also provides automatic detection of applications, classifies applications based on domain names, steers traffic to services according to software applications, reports on software applications in passthrough traffic, and provides analysis of traffic that does not match a software application so that a user can investigate and define custom applications.