The National Institute of Standards and Technology (NIST) updates its firewall guidelines to reflect changes due to networking threats graduating from the perimeter to the interior and up the networking stack making older firewall technologies and policies inadequate. LINK TO NIST DOCUMENTATION

Updated recommendations for firewall implementation include:

• Creating a firewall policy that specifies how firewalls should handle network traffic. Policies for handling inbound and outbound traffic should be based on the specific security requirements, based on risk analysis.
• Identifying all requirements that should be considered when determining which firewall to implement. Organizations need to determine which network areas will be protected by firewalls and what technology is needed. Firewalls must be matched to existing network and security infrastructures.
• Creating rule sets that implement the organization's firewall policy while supporting firewall performance. Rule sets should be as specific as possible and be based on the types of traffic needed on a particular network.
• Managing firewall architectures, policies, software and other components throughout the life of the firewall solutions. Policy rules need to be updated as the organization's requirements change and when the network and the applications it supports change. Firewall software should be patched as updates are provided.