As many of the protocols Asterisk supports are used over a TCP/IP network, we need an understanding of how to control and firewall these correctly in order to ensure that we only let the necessary traffic pass through.
Our firewall will most likely be on a box separate from our Asterisk installation and placed at the network perimeter (we may also have a host-based firewall to which different rules may apply). In order to define the required rules, I won't detail how to configure a specific firewall product, but provide the details necessary to configure any device we have protecting our Asterisk installation.
These rules would apply to any device, be it iptables
on a Linux machine, a commercial firewall such as Microsoft ISA server or checkpoint, PIX, and so on. The product in use isn't the main issue, the protocol rules that are required are. We can then take these generic rules and apply them to any firewall device we decide to install.