It is MOST important to make sure that the firewall is configured to do the following:
Alert management of a possible intrusion.
Deny all traffic and only permit by exception.
Deny all traffic based on known signatures.
Alert the administrator of a possible intrusion.
Firewalls manage traffic using filters, which is just a rule or set of rules. A recommended guideline for firewall
rules is, “deny by default; allow by exception”.