A firewall is a hardware/software combination that controls the type of services allowed to or from the web. Proxy servers are another common tool used in building a firewall. A proxy server allows system administrators to track all traffic coming in and out of an intranet. A bastion server firewall is configured to withstand and prevent unauthorized access or services. It is typically segmented from the rest of the intranet in its own subnet or perimeter network. In this way, if the server is broken into, the rest of the intranet won't be compromised. Server-based virus checking software can check every file coming into the intranet to make sure that it's virus-free. Authentication systems are an important part of any intranet security scheme. Authentication systems are used to ensure that anyone trying to log into the intranet or any of its resources is the person they claim to be. Authentication systems typically use user names, passwords, and encryption systems. Server based site blocking software can bar people on an intranet from getting objectionable material. Monitoring software tracks where people have gone and what services they have used, such as HTTP for Web access. One way of ensuring that the wrong people or erroneous data can't get into the intranet is to use a filtering router. This is a special kind of router that examines the IP address and header information in every packet coming into the network, and allows in only those packets that have addresses or other data, like e-mail, that the system administrator has decided should be allowed into the intranet.