Security Policies • Security policies govern security for the enterprise. • The security policy would detail your firewall rules. For example, this policy would define what traffic is allowed in and out of your network, by who, when, and what will be logged. • With this information, the firewall administrator would create the firewall rules to secure the network. • So, you can see how, ideally, the security policy should be written first as that is what is used to configure the firewall and, thus, secure the network.