Firewalls can't protect very well against things like viruses or malicious software (malware). There are too many ways of encoding binary files for transfer over networks, and too many different architectures and viruses to try to search for them all. In other words, a firewall cannot replace security-consciousness on the part of your users. In general, a firewall cannot protect against a data-driven attack--attacks in which something is mailed or copied to an internal host where it is then executed.

Alternate Answer:
Properly configured firewalls can limit the propagation of worms - a form of malware.  Typically, firewalls are edge or parameter devices (separates network zones) and most viruses and malware targets end points (user workstations and servers).

Multiple processes must agree that they will share the same connection, where every parameter is the same, including the security settings.  The connection string must be identical.

Security can be handled at the machine, domain, or sharepoint level.

By default, all sites are created private.If you want your site to be a public Web site, enable
anonymous access for the entire site. Then you can give out your URL to anybody in your
business card, e-mail or any other marketing material. The URL for your Web site will be:
http:// yoursitename.wss.bcentral.com
Hence, please take special care to name your site.
These Web sites are ideal for information and knowledge intensive sites and/or sites where you
need to have shared Web workspace.
Remember: Under each parent Web site, you can create up to 10 sub-sites each with unique
permissions, settings and security rights

Microsoft Windows SharePoint Services Technical security measures provide firewall protection,
intrusion detection, and web-publishing rules. The Microsoft operation center team tests and
deploys software updates in order to maintain the highest level of security and software reliability.
Software hot-fixes and service packs are tested and deployed based on their priority and level of
risk. Security related hot-fixes are rapidly deployed into the environment to address current
threats. A comprehensive software validation activity ensures software stability through regression
testing prior to deployment.

Security levels are assigned by the administrator who is adding the user. There are four levels by
default and additional levels can be composed as necessary.

1. Reader - Has read-only access to the Web site.
2. Contributor - Can add content to existing document libraries and lists.
3. Web Designer - Can create lists and document libraries and customize pages in the Web site.
4. Administrator - Has full control of the Web site.

A container that implements the Web component contract of the J2EE architecture. This contract specifies a runtime environment for Web components that includes security, concurrency, life-cycle management, transaction, deployment, and other services. A Web container provides the same services as a JSP container as well as a federated view of the J2EE platform APIs. A Web container is provided by a Web or J2EE server.

If an assembly is installed into the BIN directory, the code must be ensured that provides error
handling in the event that required permissions are not available. Otherwise, unhandled security
exceptions may cause the Web Part to fail and may affect page rendering on the page where the
Web Part appears.

An individual (or application program) identity that has been authenticated. A user can have a set of roles associated with that identity, which entitles the user to access all resources protected by those roles.