A best practice security policy is iterative.
It is a tool for safely enabling applications, users, and content
by classifying all traffic, across all ports, all the time. As soon
as you Define the Initial Internet Gateway Security Policy, you must
begin to monitor the traffic that matches the temporary rules designed
to identify policy gaps and alarming behavior and tune your policy
accordingly. By monitoring traffic hitting these rules, you can
make appropriate adjustments to your rules to either make sure all
traffic is hitting your whitelist application allow rules or assess whether
particular applications should be allowed. As you tune your rulebase,
you should see less and less traffic hitting these rules. When you
no longer see traffic hitting these rules, it means that your positive
enforcement whitelist rules are complete and you can Remove the
Temporary Rules.
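
The tuning loop described above can be tracked from exported traffic logs. The following is an added example, not part of the original documentation: it summarizes which applications still match each temporary rule and flags rules that have gone quiet. The rule names, the three-column CSV layout, the sample rows, and the 7-day quiet window are all assumptions made for illustration.

```python
import csv
import io
from collections import Counter
from datetime import date, timedelta

# Hypothetical temporary-rule names; substitute the names used in your rulebase.
TEMP_RULES = ("temp-web-nonstandard-port", "temp-unknown-user", "temp-unexpected-apps")

# Constructed sample export: one row per traffic log entry.
SAMPLE_LOG = """date,rule,app
2024-03-01,temp-web-nonstandard-port,web-browsing
2024-03-01,temp-web-nonstandard-port,ssl
2024-03-02,temp-unexpected-apps,bittorrent
2024-03-02,allow-sanctioned-apps,ssl
2024-03-03,temp-web-nonstandard-port,web-browsing
2024-03-12,temp-unexpected-apps,dropbox
"""

def summarize(log_text, today, quiet_days=7):
    """Per temporary rule: apps seen, last hit date, and whether it has gone quiet."""
    summary = {r: {"apps": Counter(), "last_hit": None} for r in TEMP_RULES}
    for row in csv.DictReader(io.StringIO(log_text)):
        entry = summary.get(row["rule"])
        if entry is None:
            continue  # matched a permanent rule, not a temporary one
        day = date.fromisoformat(row["date"])
        entry["apps"][row["app"]] += 1
        if entry["last_hit"] is None or day > entry["last_hit"]:
            entry["last_hit"] = day
    cutoff = today - timedelta(days=quiet_days)
    for entry in summary.values():
        # Quiet window is an assumption; pick one that covers your traffic cycles.
        entry["removable"] = entry["last_hit"] is None or entry["last_hit"] < cutoff
    return summary

if __name__ == "__main__":
    for rule, info in summarize(SAMPLE_LOG, date(2024, 3, 14)).items():
        verdict = "no recent hits, candidate for removal" if info["removable"] else "still matching, keep tuning"
        print(f"{rule}: {verdict}; apps={dict(info['apps'])}; last_hit={info['last_hit']}")
```

The per-rule application counts show what each temporary rule is still catching, which is the input for deciding whether to extend an allow rule or leave the application blocked.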