Limitations:

1) Firewall cannot protect against what has been authorised.

2) It can not stop social engineering attacks or an unauthorised user intentionally using their access for unwanted purpose.

3) It can not stop attacks if the traffic does not pass through them.

4) They are as effective as the rules they are configured to enforce.

Capabilities:

1) They are excellent at enforcing corporate security policies.

2) They are used to restrict access to specific services.

3) Majority of the firewalls can even provide selective access via authentication functionality

4) Firewalls are singular in purpose and do not need to be made between security and usability.

5) They are excellent auditors.

6) They are very good at altering appropriate people at specified events.