Firewall policies can contain several thousand rules due to the large size and complex structure of modern networks. The size and complexity of these policies require automated tools providing a user-friendly environment to specify, configure and safely deploy a target policy. In this paper, we show that naïve deployment approaches can easily create a temporary security hole by permitting illegal traffic or interrupt service by rejecting legal traffic during the deployment. We make some contributions to the correctness of firewall policy deployments and we show that the category of type I policy editing is wrong and could lead to security vulnerabilities. We then provide a correct algorithm for publishing political class type I. Our algorithm can be used even for the deployment of policies whose size is very important.