Done with DIY?

Call 866-403-5305 to Learn About our Configuration Services

Firewall Configuration Quick-Start Checklist

This checklist is designed to assist network administrators in the beginning stages of their firewall
hardware configuration process. This is not an exhaustive list of all possible options, services, &
considerations and as such should not be utilized as a finalized text for network security documentation.
The purpose of this checklist is to help in gathering the necessary preliminary data that will be required
while configuring your network.

If you have any questions about something you find in this checklist, contact our Firewalls.com
Professional Services Support team at 317-225-4117 for personalized assistance.

Get Secure.

Stay Secure.

Company Name: Employee Completing Configuration:

______________________________________ ________________________________________

Friendly Site Name: Firewall Brand & Model:

______________________________________ ________________________________________

Firewall Serial Number: Security Services Expiration Date:

______________________________________ ________________________________________

Firewall Secured with Rack Mount Firewall has POE

Yes ☐ No ☐ Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 1

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Pre-Configuration

The specific goals of your firewall configuration will be highly shaped by the applications actually being
utilized on your network and the users that access them. Therefore, the wisest first step in any
configuration process should be to audit all of the variable details that the real-world usage of your
network dictate. Use the space provided below to record relevant information about your applications
and users, as these details will be referenced throughout the checklist.

Internally-Hosted Network Applications

Users/Groups/Zones
Application Name Internally Hosted?
That Require Access

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 2

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Pre-Configuration

Active User Groups & Zones

Number of
Group/Zone Restricted Applications Special Notes
Users

Firewall Configuration Quick-Start Checklist - 3

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 1 – WAN Settings

WAN Connection Type:

Dynamic (DHCP)

ISP Provider: _____________________________________________________________

Download Bandwidth Speed: ________________________________________________

Backup WAN Connection

Yes ☐ No ☐

Static IP

ISP Provider: _____________________________________________________________

Download Bandwidth Speed: _______________________________________________
WAN Public IP Address: ____________________________________________________
WAN Subnet Mask: _______________________________________________________
WAN Gateway: ___________________________________________________________
WAN DNS Server 1: _______________________________________________________
WAN DNS Server 2: _______________________________________________________

Backup WAN Connection

Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 4

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 2 – LAN Settings

LAN IP Address: _________________________________________________________________

Subnet Mask: ___________________________________________________________________
Internal DNS Server IP Address: ____________________________________________________

DHCP Enabled on Firewall LAN

Yes ☐ No ☐

List any additional Networks, VLANs, or Static Routes:

______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________

Firewall Configuration Quick-Start Checklist - 5

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 3 – Wireless Networks

Corporate Network SSID: __________________________________________________________

Pre-Shared Key: _________________________________________________________________

Wireless Network Bridged to the Internal Network

Yes ☐ No ☐

Include a Guest Network

Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 6

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 4 – Firewall Rules & Policies

Outbound Policies

LAN > WAN Allow All Outbound

Yes ☐ No ☐

Block Custom TCP/UDP Ports Outbound

Yes ☐ No ☐

Additional Ports Opened Outbound: ________________________________________________

______________________________________________________________________________
_________________________________________________________________

Inbound Policies

Port Forwards for VOIP

Yes ☐ No ☐

Port Forwards for Email:

Yes ☐ No ☐

Additional Port Forwards for Internal Hosting Services: ________________________________

______________________________________________________________________________
______________________________________________________________________________

Firewall Configuration Quick-Start Checklist - 7

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 5 – Security Settings

Inspection Mode (Circle One)

Flow Based Proxy Based

GeoIP Blocking

Enable:
Yes ☐ No ☐

GeoIP Blocking Exclusions: ________________________________________________________

______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________

Content Filtering Service

Enable:
Yes ☐ No ☐

Content Filtering by Categories

Allow: __________________________________________________________________
________________________________________________________________________

Monitor: ________________________________________________________________
________________________________________________________________________

Block: __________________________________________________________________
________________________________________________________________________

Additional Websites or Categories to Allow/Monitor/Block: _______________________

________________________________________________________________________
________________________________________________________________________
________________________________________________________________________

Firewall Configuration Quick-Start Checklist - 8

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Access Control Lists

Enable:
Yes ☐ No ☐

Resources & Network Functions

Allow: __________________________________________________________________
________________________________________________________________________

Prioritize: _______________________________________________________________
________________________________________________________________________

Block: __________________________________________________________________
________________________________________________________________________

Additional Security Services

Gateway AntiVirus:
Yes ☐ No ☐

Anti-Spyware:
Yes ☐ No ☐

Intrusion Prevention System:

Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 9

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 6 – Advanced Features & Options

Active Directory Integration:

Yes ☐ No ☐

Enable Single Sign On:

Yes ☐ No ☐

Enable MAC-IP Trusted Pairing:

Yes ☐ No ☐

Enable DPI/SSL:
Yes ☐ No ☐

Email SMTP:
Yes ☐ No ☐

High Availability:
Yes ☐ No ☐

VOIP Configuration:
Yes ☐ No ☐

Enable SMAC Filtering:

Yes ☐ No ☐

Create Local Backup:

Yes ☐ No ☐

Enable Advanced Threat Protection:

Yes ☐ No ☐

Firewall Configuration Quick-Start Checklist - 10

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Disable HTTP Management Access:

Yes ☐ No ☐

Default Admin Credentials Changed:

Yes ☐ No ☐

Additional Cloud Security & AWS Requirements: ______________________________________

______________________________________________________________________________
______________________________________________________________________________

Additional Regulatory Compliance Requirements: ______________________________________

______________________________________________________________________________
______________________________________________________________________________

Firewall Configuration Quick-Start Checklist - 11

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 7 – Firewall Rule Documentation

Best practices dictate that admins maintain dynamic documentation for all of the rules active on a
network firewall. The next two pages of this document will help outline the types of rules and their
functions implemented during this configuration.

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Configuration Quick-Start Checklist - 12

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Configuration Quick-Start Checklist - 13

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Configuration Quick-Start Checklist - 14

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Rule Name: ________________________________________________

Date Added: ______________________________________________________
Expiration (If Applicable): ____________________________________________
Rule Created By: ___________________________________________________
Purpose of Rule: ___________________________________________________
Services & Applications Affected: _____________________________________
Users, Groups, & Devices Affected: ____________________________________

Firewall Configuration Quick-Start Checklist - 15

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 8: Physical Security

While all previous sections of this document covered the virtual attack vectors of a network firewall, it is
also critically important that physical security of the appliance be considered and documented. Who has
access to your server rack, what times and days of the week your appliances are accessible, and
procedures for physical access can play as important a role in network security as any service
subscription or configuration setting.

Friendly Name of Firewall Location: ________________________________________________

Who Has Access to Server Rack Housing This Firewall: _________________________________

______________________________________________________________________________
______________________________________________________________________________

Which Days of the Week & Times Is Server Rack Accessible: ____________________________
______________________________________________________________________________
______________________________________________________________________________

Who to Contact in Case of Natural Disaster or Emergency Loss: __________________________

______________________________________________________________________________
______________________________________________________________________________

Firewall Configuration Quick-Start Checklist - 16

 Done with DIY? Call 866-403-5305 to Learn About our Configuration Services

Section 9: Additional Notes

_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________
_____________________________________________________________________________________

Have questions about any of the Professional Service options offered by

Firewalls.com? Give us a call at 866-403-5305 or email [email protected] for
information about configuration services, next-gen firewall products, network security
bundles, Security-As-A-Service, & more. Our Professional Services team is 100% local,
performing all work out of our Indianapolis-based Security Operations Center.

Professional Services

Custom Security Solutions

Copyright © 2020 - Firewalls.com, Inc. - All Rights Reserved

Firewall Configuration Quick-Start Checklist - 17