If IRC traffic is blocked on port 80/TCP, which firewall type is likely inspecting outbound traffic?

Application-layer awareness lets a firewall decide based on the actual protocol, not just port numbers. If IRC traffic is being blocked even when it uses the common web port (port 80), the firewall must look inside the traffic to identify the IRC protocol rather than just blocking by the port. An application firewall is designed to inspect at the application layer, recognize IRC commands and sessions, and enforce rules accordingly, even if the traffic rides on an atypical port or is disguised to look like ordinary web traffic. This deeper inspection is what makes it capable of stopping IRC despite the port it uses. In contrast, a gateway at the network edge or a basic packet-filtering firewall tends to emphasize header information like IPs and ports and won’t reliably identify IRC content inside the payload. A next-generation firewall can also perform application-layer checks, but the specific behavior described—inspecting outbound traffic to block a specific application like IRC regardless of port—is a classic capability of an application firewall.