Final considerations on setting up and maintaining the firewall

After configuring the firewall or adding DeltaV workstations to the firewall, open a command prompt on each DeltaV workstation (run → cmd) and type: ipconfig/flushdns to ensure there are no residual DNS settings on the computer.
Test and ensure that a user on the DeltaV LAN cannot use an Internet browser on a DeltaV workstation to connect to any web page.
On each DeltaV workstation, ensure there are no DNS servers configured in the IPv4 network settings. Remove the DNS settings if found.
Maintain the firewall:
- Use change management and records to approve and document firewall changes.
- Delete workstations from the internal and external list if they no longer need communications. It is especially important to delete workstations for external users with remote access.
- Delete users from the firewall as they change responsibilities - do not use a single user name and password for all firewall users who access the firewall's web UI. This is especially true for admin or engineer level users.
- Back up the configuration after all changes have been made and copy the backup to a computer.
- Create a configuration audit and store it with the backup whenever a change is made in the firewall configuration and protection.
- Do not restart the firewall unless all users can lose communications. Communications should be restarted when the firewall is restarted and the applications begin requesting data.