These questions are intended to help you think through some of the issues which need to be addressed before you install a firewall as part of a network. I suggest going through them in order as they are arranged to dig deeper into the issues as they progress.
If you end up with a set of hosts that will need help from Comtech to get them all behind the firewall due to multiple rooms or buildings being involved you will need the answers to questions 2 and 4 to begin any discussion.
Why do you want to install a firewall?
What machines will be behind the firewall (nickname, hostname, IP)?
How would you classify each of these machines (client/desktop/workstation, server, printer, device controller, other)?
Where is each of these machines located (building, room, wall network outlet number)?
What operating system are each of these machines running?
What servers and services are each of these machines running?
What services and ports are you going to allow in through the firewall?
Will any of these vary based on the target host?
What services and ports are you going to allow out through the firewall?
Will any of these vary based on the source host?
Do any of the machines behind the firewall use network based authentication
or network filesystems?
Did you include these services and ports above?
How will the machines behind the firewall be administered?
Who is going to install and maintain the firewall, this includes setting up and modifying access rules, installing patches, and other basic maintenance needs?
Who is going to monitor the firewall, this includes checking logs for intrusion attempts and verifying legitimate traffic is not being blocked?