Administrator's Handbook
An approach to using filters
The ultimate goal of network security is to prevent unauthorized access to the network without compromis-
ing authorized access. Using filter sets is part of reaching that goal.
Each filter set you design will be based on one of the following approaches:
•
That which is not expressly prohibited is permitted.
•
That which is not expressly permitted is prohibited.
It is strongly recommended that you take the latter, and safer, approach to all of your filter set designs.
170