Chapter 2. Planning Your FireWall-1 Installation

Careful planning should precede the installation of any firewall. In this chapter, I first discuss how to determine the current state of your network by developing a network topology. Next, I discuss how to discover "zones of trust" and figure out where to put your firewalls. I then show you how to set down some basic security policies in writing. And finally, I cover one of the trickiest parts of a FireWall-1 installation: licensing.

By the end of this chapter, you should be able to:

  • Explain what a security policy is and how it applies to your organization

  • Break down a security policy into three critical components: what, who, and how

  • Develop an overall firewall architecture and rulebase design using your organization's security policy as a guide

  • Understand what license types are available, how they are enforced, and how to get them