I am have never configured a firewall before and I need some advice...
At my facility I would like to segregated the Office area from the Plant/Production area with a firewall to monitor and filter traffic. The plant/production area is mission critical to our business and I want to limit the chances of a virus on someone's pc spreading to the plant area. What we have done is put a Juniper Netscreen 5gt between the plant and office areas and it physically links the two areas together. We already setup several rules on the netscreen to monitor traffic/data that is passing through it so that we can better get an idea of what ports are being used.
As far as I can tell here is the type of traffic that need to be able to pass between the office and plant:
file and print
Should I only allow communications on certain ports? Or should I just block certain ports?