Firewalls
If Internet access to Bravura Security Fabric is required, protect this access using a firewall:
Ensure you purchase all network hardware, including the firewall, directly from the manufacturer or resellers authorized and certified by the equipment manufacturer.
Always ensure the latest firmware is running.
Shut down unused physical interfaces on the device.
Implement access lists that only allow the required protocols, ports, and IP addresses and deny everything else.
Never use default usernames and/or passwords.
Monitor outbound traffic to prevent internal machines from being used to launch a zombie attack on a server.
Use egress filtering to block all traffic by default, allowing only certain traffic such as email and the Web.
Consider purchasing a firewall with three connections: one for the internal network, one for the Internet, and the third for the DMZ.
Use NTP to synchronize the time on the firewall. This will ensure the logs have the correct timestamps.
Configure the Intrusion Detection System on the firewall if available.
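The access-list and egress-filtering items above can be checked mechanically before a rule set is deployed. The following is an added example, not part of the Bravura Security Fabric documentation: a first-match rule evaluator plus an audit that flags a missing deny-all or an over-broad permit. The rule format, the addresses (documentation ranges) and the ports (443 for the Web, 25 for email) are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

ANY = "0.0.0.0/0"

class Rule(NamedTuple):
    action: str           # "permit" or "deny"
    direction: str        # "in" = from the Internet, "out" = towards the Internet
    proto: str            # "tcp", "udp" or "any"
    src: str              # source CIDR
    dst: str              # destination CIDR
    port: Optional[int]   # destination port, None = any port

def matches(r, direction, proto, src, dst, port):
    return (r.direction == direction
            and r.proto in ("any", proto)
            and ip_address(src) in ip_network(r.src)
            and ip_address(dst) in ip_network(r.dst)
            and r.port in (None, port))

def decide(rules, direction, proto, src, dst, port):
    """First matching rule wins; traffic that matches no rule is reported as such."""
    for r in rules:
        if matches(r, direction, proto, src, dst, port):
            return r.action
    return "no-match"

def audit(rules):
    """Return findings for rule sets that do not follow the checklist above."""
    findings = []
    for direction in ("in", "out"):
        chain = [r for r in rules if r.direction == direction]
        if not chain or chain[-1] != Rule("deny", direction, "any", ANY, ANY, None):
            findings.append(f"{direction}: no explicit deny-all as the last rule")
        for r in chain:
            if r.action == "permit" and (r.proto == "any" or r.port is None):
                findings.append(f"{direction}: permit without protocol/port: {r}")
            if r.action == "permit" and r.src == ANY and r.dst == ANY:
                findings.append(f"{direction}: permit any-to-any address: {r}")
    return findings

# Constructed sample policy: one published DMZ host, egress limited to two relays.
POLICY = [
    Rule("permit", "in",  "tcp", ANY, "203.0.113.10/32", 443),  # HTTPS to the DMZ host
    Rule("deny",   "in",  "any", ANY, ANY, None),
    Rule("permit", "out", "tcp", "10.0.0.25/32", ANY, 25),      # mail relay only
    Rule("permit", "out", "tcp", "10.0.0.80/32", ANY, 443),     # web proxy only
    Rule("deny",   "out", "any", ANY, ANY, None),
]
```

Running `audit()` on an exported rule set as part of change review catches a trailing permit-any before it reaches the device.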