Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guidelines on Firewalls and Firewall Policy



John P. Wack, Ken Cutler, Jamie Pole


[Superseded by SP 800-41 Rev. 1 (September 2009):] This document provides introductory information about firewalls and firewall policy. It addresses concepts relating to the design selection, deployment, and management of firewalls and firewall environments. It is an update to NIST Special Publication 10, Keeping Your Cite Comfortably Secure: An Introduction To Firewall Technology. This document covers IP filtering with more recently worked policy recommendations, and deals generally with hybrid firewalls that can filter packets and perform application gateway services. This document also contains specific recommendations for policy as well as a simple methodology for creating firewall policy.
Special Publication (NIST SP) - 800-41
Report Number


active content, DMZ, firewall, intrusion detection, packet filtering


Wack, J. , Cutler, K. and Pole, J. (2002), Guidelines on Firewalls and Firewall Policy, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD (Accessed April 16, 2024)
Created January 1, 2002, Updated February 19, 2017