Most organizations install firewalls at the network gateways to protect against external threats. This however does not protect internal threats. Unfortunately, intruders do not only reside outside the organization, they also reside from within. As a matter of fact, most of security threats are actually coming from internal users. Globally, this type of threat is increasing as the organization’s network security perimeter is disappearing. As the information technology becomes dominant, businesses require more and more connectivity to partners, customers, vendors, contractors, consultants, etc, to be in the leading edge and to gain competitive advantage. As a result, the organization’s network is populated with people, both trusted and untrusted. “It is estimated that 80% of attacks are from within the organization. The most serious security breaches resulting in financial losses occurred through unauthorized access by insiders. Insiders represent the greatest threat to computer security because they understand the organization’s business and how the computer systems work. Therefore, an insider attack would be more successful at attacking the systems and extracting critical information.” (The Insider Threat). Personal firewall which is installed at the desktop ensures some measures of protection from potential attackers. It will also detect and notify any unauthorized attempt to access the desktop or the information residing on it. Reports generated by the personal firewall can be the starting point for investigating potential threats, be it from external or internal parties.