Toward a Safer and More Secure Cyberspace (2007)
Computer Science and Telecommunications Board (CSTB)

"3 Improving the Nation's Cybersecurity Posture." Toward a Safer and More Secure Cyberspace. Washington, DC: The National Academies Press, 2007.

Page 59

BOX 3.1

What Firewalls and Antivirus Products Protect Against

Firewalls—whether implemented with hardware or software—are used to prevent malicious or unwanted traffic from reaching protected resources or to allow only authorized traffic (e.g., from specific network addresses). Antivirus products generally scan files or file systems looking for known computer viruses or malicious code, usually relying on a frequently updated virus definition file.

Below is a short list of some of the vulnerabilities that firewalls and antivirus products attempt to address:

  • Worms. Both firewalls and antivirus products can be used to identify and slow (or halt) the propagation of computer worms, which, unlike viruses, can act independently once released.

  • Viruses. Antivirus products can scan for, remove, and often repair damage done by viruses obtained from opening infected e-mails or other means.

  • Trojans. Antivirus products can identify and remove Trojan horse software (i.e., malicious software that masquerades as legitimate software), while firewalls can be used to spot and prevent network traffic associated with Trojan horse software.

  • Vulnerability scans. Firewalls can be used to prevent automated portscanning tools from outside the firewall from uncovering open ports on (or otherwise learning about) potentially vulnerable machines behind the firewall.

  • Denial-of-service attacks. Firewalls can often assist in mitigating denial-of-service attacks by blocking traffic from offending network addresses.

  • Insider misbehavior. Firewalls are often used to block specific kinds of network traffic (or requests) from those inside the firewall as well—for example, by not allowing traffic over specific ports used by applications deemed inappropriate for a given setting (e.g., P2P file-sharing applications in an office setting) or by blocking access to specific Web sites that an organization has deemed inappropriate for a given setting.
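The filtering behaviour listed in Box 3.1, sketched as an added example (not from the report): a first-match packet filter with default deny. The addresses are documentation ranges, and the ports and rule set are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    direction: str         # "in" = from outside the firewall, "out" = from inside
    remote: str            # CIDR of the host on the far side of the firewall
    port: Optional[int]    # destination port; None matches any port
    note: str

# Constructed policy covering the cases named in the box.
RULES = [
    Rule("deny",  "in",  "203.0.113.0/24",  None, "offending addresses (denial of service)"),
    Rule("allow", "in",  "198.51.100.0/24", 22,   "authorized network addresses only"),
    Rule("allow", "in",  "0.0.0.0/0",       443,  "public web service"),
    Rule("deny",  "out", "0.0.0.0/0",       6881, "P2P file sharing from inside"),
    Rule("allow", "out", "0.0.0.0/0",       None, "other outbound traffic"),
]

def decide(direction, remote_ip, dst_port, rules=RULES):
    """First matching rule wins; anything unmatched is dropped (default deny)."""
    addr = ipaddress.ip_address(remote_ip)
    for r in rules:
        if (r.direction == direction
                and addr in ipaddress.ip_network(r.remote)
                and r.port in (None, dst_port)):
            return r.action, r.note
    return "deny", "default deny"

def scan_view(remote_ip, ports, rules=RULES):
    """Ports an outside port scanner would find reachable through the filter."""
    return [p for p in ports if decide("in", remote_ip, p, rules)[0] == "allow"]

if __name__ == "__main__":
    for args in [("in", "198.51.100.7", 22), ("in", "192.0.2.10", 22),
                 ("in", "203.0.113.5", 443), ("out", "192.0.2.50", 6881)]:
        print(args, "->", decide(*args))
    print("scanner sees:", scan_view("192.0.2.10", [21, 22, 23, 80, 443, 3389]))
```

Rule order matters here: the deny for offending addresses sits above the public allow, so a blocked source cannot reach even the open web port.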

the good guys find them or in response as the bad guys find them). Moreover, end users often do not avail themselves of known cybersecurity technologies and practices that could significantly improve their individual resistance to cyberattack of various kinds. For example, they often do not install patches to systems that could close known security holes in their design, implementation, or configuration. Vendors of IT products and services often do not use technologies and development practices that could reduce the number of security vulnerabilities embedded in them. For example, they do not use known technologies that might prevent the buffer overflows that continue to account for roughly half of all
