Even the "hardware" firewalls run SOFTWARE... using CISCO as the example, their rapid blaze switches, that's hardware switching, but it still runs software, point proven by the fact that about 4 months ago we (the company I work for) found a hole in their management software which meant that we could make any CISCO switch of the same model start generating random malicious packet data.
What's the relevance? Even if it's a "hardware solution", it's still running some form of software. There is no way, other than physically unplugging a system, to make it "safe" or not vulnerable to attacks. Trust me on this, I get paid mega bucks to do this kind of shite.
