Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Guidelines on Firewalls and Firewall Policy



John P. Wack, Ken Cutler, Jamie Pole


[Superseded by SP 800-41 Rev. 1 (September 2009):] This document provides introductory information about firewalls and firewall policy. It addresses concepts relating to the design selection, deployment, and management of firewalls and firewall environments. It is an update to NIST Special Publication 10, Keeping Your Cite Comfortably Secure: An Introduction To Firewall Technology. This document covers IP filtering with more recently worked policy recommendations, and deals generally with hybrid firewalls that can filter packets and perform application gateway services. This document also contains specific recommendations for policy as well as a simple methodology for creating firewall policy.
Special Publication (NIST SP) - 800-41
Report Number


active content, DMZ, firewall, intrusion detection, packet filtering
Created January 1, 2002, Updated February 19, 2017