The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies - potentially easy to be evaded by unauthorized parties. The authors present in this paper a proposal to create, manage, and deploy consistent policies in those components in an efficient way. To do so, they combine two main approaches. The first approach is the use of an aggregation mechanism that yields consistent configurations or signals inconsistencies. Through this mechanism they can fold existing policies of a given system and create a consistent and global set of access control rules - easy to maintain and manage by using a single syntax.