After you gain visibility and context
into the traffic on your network—applications, content, threats,
and users—implement strict controls to reduce the attack surface
and prevent known and unknown threats to complete the transition
to a best practice configuration.
After you implement control capabilities, the firewall can scan
all allowed traffic and detect and block network and application-layer
vulnerability exploits, buffer overflows, DoS attacks, port scans,
and known and unknown malware variants. The firewall controls application
and user access as well as blocking malicious and unwanted applications.
