Use this policy template to define and document the purpose, scope, objectives, and roles and responsibilities for firewall operations and management.

Also In

Develop Infrastructure & Operations Policies and Procedures

Document what you need to document and forget the rest.

Related Content

Hide Details

Search Code: 5686
Published: February 9, 2010
Last Revised: May 8, 2018


  • Missing comment
    Dan Anderson | 01-26-2016

    This seems to be more than a little dated, (any time 'gopher' as a protocol on a policy you know you are working with something very old). Beyond that, this doesn't seem to account for anythign beyond a basic firewall implementation (only an inside and outside zone are mentioned, not multiple DMZ's, VPN traffic is assumed to transit the same device).

    • 432c05244a845caaca3b276adb15a11e comment
      Info-Tech Research Group | 01-27-2016

      Thank you for pointing out the age of this policy.
      Our policy templates are mapped to both ISO27001 and NIST 800-53 standards in order to apply as broadly as possible to our client base. If there are additional firewall implementation considerations, the templates are highly customizable to reflect those add-ons. We are happy to review people’s policies if that is of interest - just contact your account manager.
      We also hope to update these policies within the year and make them more relevant.
      Thanks again.


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019