Industry standards for firewalling is to use a default deny policy, which denies communication that is not explicitly allowed. For more information, see the Istio documentation.
References:
https://istio.io/latest/docs/ops/best-practices/security/#use-default-deny-patterns
It is recommended to define Istio authorization policies following the default-deny pattern to enhance cluster's security posture. The default-deny authorization pattern means the system denies all requests by default, and conditions can be defined in which the requests are allowed. Ensure that your Istio YAML files have at least one AuthorizationPolicy where 'spec' block has the value '{}'. This will deny all requests by default.