Firewall Rule Base Best Practices

This is the companion page for my Firewall Rule Base Best Practices document.  I have listed all the resources I would otherwise have put at the bottom of the document.  In this way, I hope to keep them current, and to add new material when I find it without having to revise the original document.  If I have written it correctly, it should need little revision as time passes and technology changes.  We'll see.

Update 2003-01-27

When I started this document over three years ago, I was an InfoSec consultant working with firewalls on a day-to-day basis. As will be obvious from a look at the revision history at the bottom of this document, I have not found a great deal of time to devote to it. In addition I have since moved on, and I do not work with firewalls much in my current role.

I have been surprised at the number of requests that I get for this draft, and I apologize to all those who I've kept waiting though my lack of time. Thus, I am making this draft directly available on the Internet in the hope that it will be useful. I disclaim any and all liability-use it at your own risk.

If you would like to take over the maintenance of this document, let me know.

Best Practices


See also my Security Tools page, especially Firewalls& Firewall Tools.