Well for firewall rules
you should always create
the most specific rules first and the most general rules at the end
Let sa you have 5 rules
You create the most specifc rule in number one
the second most specific rule in number to and so on
Yes alway use aliases thats a good practice.... as like you well said its easy to manage it that way
If you got many servers to deny no dont do many rules for that with just one alias which contain all the servers thats the way... if you want to add another server just add them on the alias... and thats it... always use aliases when you can, which are like a group of firewall objects
If you can build one rule instead of 5 individual rules for each server denying it do so... don t do 5 rules deneying one by one the servers...
I dont know if that asnwer your questions if not please revert me and try to explain it to me easier my native language is not english but im willing to help if i can
Cheers
CArlos