Enterprise Cloud Security and Governance

Best practices

These are the best practices regarding tracking firewall changes:

  • Always configure firewalls with the DENY ALL and ALLOW some approach: deny everything by default, then allow only what is needed
  • Avoid 0.0.0.0/0 rules in the firewall, apart from a small set of exceptions that can be justified, such as the HTTP or HTTPS port
  • There should be a firewall justification document that contains each and every firewall rule along with the justification for why that rule is needed
  • Set up alarms that will alert the Security Team whenever there are any changes to the firewall
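
The checks in this list can be automated against an exported rule set. The following is an added example, not code from the book: the rule format, the sample rules and the justification mapping are constructed for illustration, and the rule list is assumed to hold only ALLOW rules on top of a default DENY ALL.

```python
import ipaddress

# Ports the list above names as justifiable for world-open access (HTTP, HTTPS).
WORLD_OPEN_OK_PORTS = {80, 443}

def rule_key(rule):
    """Stable identity of a rule, used to match it to the justification document."""
    return (rule["protocol"], rule["port"], rule["source"])

def is_world_open(source):
    """True when the source CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(source, strict=False).prefixlen == 0

def audit(rules, justifications, previous_rules=None):
    """Return (finding, rule_key) tuples for a list of ALLOW rules.

    Findings: world-open rule outside the excepted ports, rule with no entry
    in the justification document, and rules added or removed since the
    previous snapshot (the event that should raise an alarm).
    """
    findings = []
    for rule in rules:
        key = rule_key(rule)
        if is_world_open(rule["source"]) and rule["port"] not in WORLD_OPEN_OK_PORTS:
            findings.append(("world-open", key))
        if not justifications.get(key, "").strip():
            findings.append(("no-justification", key))
    if previous_rules is not None:
        old = {rule_key(r) for r in previous_rules}
        new = {rule_key(r) for r in rules}
        findings += [("added", k) for k in sorted(new - old)]
        findings += [("removed", k) for k in sorted(old - new)]
    return findings

# Constructed sample data: yesterday's snapshot, today's snapshot, and the
# justification document keyed by (protocol, port, source).
PREVIOUS = [
    {"protocol": "tcp", "port": 443, "source": "0.0.0.0/0"},
    {"protocol": "tcp", "port": 22, "source": "10.0.0.0/8"},
]
CURRENT = PREVIOUS + [{"protocol": "tcp", "port": 3306, "source": "0.0.0.0/0"}]
JUSTIFICATIONS = {
    ("tcp", 443, "0.0.0.0/0"): "Public HTTPS endpoint",
    ("tcp", 22, "10.0.0.0/8"): "Admin SSH from internal network",
}

if __name__ == "__main__":
    for finding, key in audit(CURRENT, JUSTIFICATIONS, PREVIOUS):
        print(finding, key)
```

Run on a schedule against successive exports, any non-empty result is what would be routed to the Security Team.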