This policy is a supporting policy of the Information Security Policy, so the purpose of this policy is the same, to secure information. Firewalls are an essential component of am organisations information systems security infrastructure. Firewalls are defined as security systems that control and restrict network connectivity and network services. This policy defines the essential rules regarding the management and maintenance of firewalls at the company and it applies to all firewalls owned, rented, managed, or otherwise provided to / for your organisation. As firewalls establish a control point where access controls may be enforced, this policy is referenced in the Access Control Policy and the Access Control Procedure.