Avoiding firewall vulnerabilities in your organization’s security policy