Page 809 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
Most firewalls offer extensive logging, auditing, and monitoring
capabilities as well as alarms and basic intrusion detection system
(IDS) functions.
Firewalls are typically unable to block viruses or malicious code (i.e.,
firewalls do not typically scan traffic as an antivirus scanner would)
transmitted through otherwise authorized communication channels,
prevent unauthorized but accidental or intended disclosure of
information by users, prevent attacks by malicious users already
behind the firewall, or protect data after it passes out of or into the
private network. However, you can add these features through special
add-in modules or companion products, such as antivirus scanners
and IDS tools. There are firewall appliances that are preconfigured to
perform all (or most) of these add-on functions natively.
In addition to logging network traffic activity, firewalls should log
several other events as well:
A reboot of the firewall
Proxies or dependencies being unable to start or not starting
Proxies or other important services crashing or restarting
Changes to the firewall configuration file
A configuration or system error while the firewall is running
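As an added example (not from the study guide), the following Python checks a batch of firewall syslog lines for the five event classes listed above and reports any class that never appeared. The message patterns and the sample lines are constructed assumptions, since real log formats vary by vendor.

```python
import re
from collections import Counter

# Event classes the guide says a firewall should log besides ordinary traffic.
# The patterns are assumptions: real message formats differ by vendor, so
# adapt them to the syslog output of your own firewall.
REQUIRED_EVENTS = {
    "firewall_reboot": re.compile(r"\b(system (re)?boot|restarting system)\b", re.I),
    "proxy_start_failure": re.compile(
        r"proxy\b.*\b(failed to start|did not start|unable to start)\b", re.I),
    "service_crash": re.compile(r"(proxy|service|daemon)\b.*\b(crashed|restarted)\b", re.I),
    "config_change": re.compile(r"\bconfig(uration)?\b.*\b(changed|modified|committed)\b", re.I),
    "system_error": re.compile(r"\b(config(uration)?|system) error\b", re.I),
}

def classify(line):
    """Return the required-event class a log line belongs to, or None for plain traffic.
    Patterns are tried in dictionary order, so the first match wins."""
    for name, pattern in REQUIRED_EVENTS.items():
        if pattern.search(line):
            return name
    return None

def audit_log(lines):
    """Count each required event class and list the classes that never appeared.
    A class that never shows up over a long window may mean the firewall is not
    configured to log it, which is itself a finding to check."""
    counts = Counter()
    for line in lines:
        event = classify(line)
        if event:
            counts[event] += 1
    missing = sorted(set(REQUIRED_EVENTS) - set(counts))
    return dict(counts), missing

# Constructed sample syslog lines; they are not from any real device.
SAMPLE_LOG = [
    "Jun 12 03:14:07 fw01 kernel: system boot after power cycle",
    "Jun 12 03:14:20 fw01 httpproxy[211]: failed to start: port 8080 in use",
    "Jun 12 03:15:02 fw01 mgmtd: configuration changed by admin from 10.0.5.7",
    "Jun 12 03:16:45 fw01 ftpproxy[340]: proxy crashed (signal 11), restarted",
    "Jun 12 03:17:00 fw01 kernel: ACCEPT IN=eth0 OUT=eth1 SRC=10.0.5.7 DST=10.0.9.3 DPT=443",
]

if __name__ == "__main__":
    counts, missing = audit_log(SAMPLE_LOG)
    print("observed:", counts, "never logged:", missing)
```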
Firewalls are only one part of an overall security solution. With a
firewall, many of the security mechanisms are concentrated in one
place, and thus a firewall can be a single point of failure. Firewall
failure is most commonly caused by human error and
misconfiguration. Firewalls provide protection only against traffic that
crosses the firewall from one subnet to another. They offer no
protection against traffic within a subnet (in other words, behind the
firewall).
There are several basic types of firewalls, including static packet-
filtering firewalls, application-level gateway firewalls, circuit-level
gateway firewalls, and stateful inspection firewalls. There are also
ways to create hybrid or complex gateway firewalls by combining two
or more of these firewall types into a single firewall solution. In most