Can I watch NIS host intrusion/firewall configure itself from "square one"?

I want to configure Norton firewall/av form the very "first boot" on a clean machine. The idea is to set program contol to "ask everytime" for all connections and application requests.

 

I want to have the best chance to see all firewall rules being created and all application signatures monitored and allowed or denied?

 

Plus, I'd like to "see" or know how NIS generates it's starting lists of safe apps and rules, the settings that seem to be present even before NIS installation is confirmed  and enabled.

 

I want to know how and why only certain options are available when alerts come up. I want to know how and when "signatures" or safe lists or updated.

 

Hey experts, how would you do this?

 

Any tips? 

 

Thanks in advance.