One of the important things often overlooked in a business network is to have a network security policy.
Policy that safe guards a network from miss use. Not too restrictive such that work cannot be done but also be able to prevent intentional as well as unintentional miss use.
Obviously this is a big topic so I would like to focus more on network devices such as switches, routers, firewall etc.
Any leads, advice, directions on how to create a network policy, from conceving it to implementation, testing and applying it in prod would be most appreciated.