The rules applied to your firewall should mirror your security policy. Your firewall should allow or deny traffic based upon these security rules. There are several types of rule sets in existence:

  • Open allows all traffic except that which has been specifically denied.
  • Restrictive allows and denies certain types of traffic.
  • Closed specifies what is allowed and denies everything else.

Consider which method is best for your company before implementing your security policy.