![]() |
The goal of firewall performance tuning is ultimately to create a ruleset that will be matched by legitimate traffic as quickly as possible, which means the ruleset needs to be well-written. You don't want to pass bad packets in the name of speed, so some degree of specificity is necessary within the ruleset. |