Now that the various components have been discussed, I will talk about making a rulebase. As mentioned earlier, the rulebase is what determines who can do what, where, and when. In order to make a rulebase, you need to create and configure the various components that make up the rulebase. Follow this order of business.
Get a map of the network(s) the firewall is designed to protect. It does not need to be a totally detailed map, but it needs to cover the major points of interest: physical and logical network segments being protected, any special hosts (externally accessible hosts or any hosts that require special access or restrictions), and all routers one hop away from the firewall.
Create network objects for ...