Network security has long been the task of dedicated hardware devices, and they remain the first and best option to defend computer systems against network-based attacks. Something to remember is that the network is most likely to be a carrier of an attack, not the target for it. It makes sense, then, that the systems used to carry legitimate traffic are involved in the hunt for breach attempts.
Firewalls are quite commonly found at the edge of institutional networks, barricading them against the wild, unregulated environment of the Internet. Many threats will be untargeted searches for targets of opportunity and are easily stopped by even rudimentary firewalls. Most firewalls are focused on stopping unauthorized traffic from getting in. However, many of them can also be configured to selectively prevent outgoing traffic as well. Some attacks that attempt to break into sites try to steal storage space and bandwidth, perhaps to store files for...