Firewalls and antivirus software

Act as a security guard between internal and external networks, monitoring all incoming and outgoing traffic.
Firewalls use a set of defined rules to allow or block traffic.
Can be hardware or software-based. Hardware firewalls protect the whole network while software ones protect individual devices.
Firewalls use packet filtering to examine packets of data transferred across the internet.
Some firewalls includes intrusion detection systems (IDS) to monitor network traffic and alert the system or network administrator of suspicious activities.
Limitations of firewalls:
- Cannot protect against attacks that bypass them (e.g. physical or internal attacks).
- Not designed to protect against malicious software embedded in an authorized user’s files.

Antivirus software is a type of programme designed to prevent, detect, and remove software viruses, and other malicious software.
Antivirus software detects and removes viruses by scanning files or directories and comparing the data to a database of virus signatures.
Most modern antivirus software employs heuristic-based detection, allowing it to detect viruses not yet in its signature database.
Auto-update function is crucial in keeping the software effective, as new viruses are created and spread every day.
Limitations of antivirus software:
- Cannot protect against a virus not already in its database.
- Can potentially slow down the system they are protecting.
- False positive issues - incorrectly identifying a safe file as a virus.

They form the first line of defence in network security.
Help to protect sensitive data and prevent unauthorized access to networks and systems.
Minimise the risk of damage caused by malicious software such as viruses, worms, and Trojans.
Contribute to complying with legislation policies and procedures concerning data protection and IT security.
Mitigate potential financial loss due to attacks and breaches.
Maintaining trust with customers and stakeholders by demonstrating commitment to security.