Up to this point, this document has provided a basic vocabulary of threats and risks associated with the Internet, how Internet firewalls can be used to address those problems, and some examples of firewall implementations. This chapter provides basic guidance on designing a network service policy and choosing a firewall design policy, and then discusses next steps in obtaining a firewall. It closes with a discussion of issues involved in maintaining a firewall and other steps for improving overall network security. The discussion is brief and serves only to raise issues; readers are urged to consult more complete discussions such as [RFC1244] and [Ches94], and specific examples of policies such as in [Avol94].