Getting to know how exactly a firewall should be implemented will make the implementation process easier and will assure the security of the organization's IT infrastructure. There are a few key steps for implementing a firewall in a corporate environment. Each of these steps carries the same level of significance.

Define the access denial methodology
It is usually recommended that you start with an access denial methodology that denies all access by default. Therefore, in the default configuration, there should not be any gateway routes open so your firewall actually should be a brick wall with no openings.

Define the inbound access policy In case if your Internet traffic is originating from the Local Area Network (LAN), this may be quite a simple task. You can use a simple NAT router in order to block all inbound traffic that is not a response for a request originated from the LAN. Sometimes, you will need to grant access to the inbound connections originating from the Internet. This is especially true when it comes to other parties accessing your servers etc. In such case, you will need to come up with inbound connection criteria. When defining this criterion, there are many things that should be considered. Usually, organizations are advised to go for more stringent criteria in order to minimize the business risk. In case if you know the IP address of the originating request and if it is static, you can only allow traffic from such hosts. In case if the IP is not static, then you may have to use some other authentication method in order to filter.

Define outbound access policy
Many companies only need access to the web. In such cases, a proxy server is the best option. Using a proxy server, users can be selectively granted rights and the proxy configuration should be done in the browsers of each Internet user.

Define whether dial-in and dial-out access is required
If dial-in is required, then the use of PPP servers is required. Usually, PPP servers are kept outside the firewall. When it comes to dial-out, isolating those hosts from LAN is the best option.

Firewall of your choice
Once you define all your above requirements, it is time for purchasing the most suitable firewall for your company. There are many firewall brands and firewall integrators who completes the job at this level.