The Firewall has been Installed, Now What? Developing a Local Firewall Security Policy

Given the responsibility of configuring firewalls for a departmental network, I discovered that a local firewall security policy had not been written. This paper details the process I used to draft a perimeter device security policy for these firewalls. The firewall policy at the end of this document completes the policy draft process. The information gathered to draft a local firewall policy also lead to the creation of a PIX Firewall Security Services and Requirements matrix. This matrix maps HIPAA and local security requirements to the security technology solutions provided by the PIX firewall.