As a good security practice in a corporate environment, what is the type of ruleset that would be applied to the end of an access control list (acl) on the inbound and outbound border firewall(s)?