...

"Optimized" configurations in networking come from reducing your routing/processing to the smallest amount possible. This involves refining ACLs to a minimum, so that the router engine does not have to stop, send an IRQ to the processor, and then look at EACH ACL in priority order until it hits a match. If there is no match, it simply forwards out the "default route". In a small office the load is not that heavy, but it's good to stick to best practice and plan for scalability. Who knows, you could be working for the next Microsoft, and you get to help in TAKING OVER THE WORLD! *coughs* Narf. In this scenario, the firewall will process all packets, and you want to leave as much processing capacity as possible for the firewall to do what a firewall does: it encrypts/decrypts packets for secure delivery, filters packets, performs intrusion prevention, etc. By adding object groups, you can condense the ACLs so that they are based on traffic flows as a whole instead of on each individual flow.
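The condensing step described above, as an added example that is not part of the original page. It assumes Cisco ASA syntax; the ACL name, group names and addresses (documentation range 192.0.2.0/24) are constructed for illustration.

```cisco
! --- Before: one ACL entry per flow (3 servers x 2 ports = 6 lines) ---
! Each new server or port adds more lines that must be kept in sync.
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq www
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.10 eq https
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.11 eq www
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.11 eq https
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.12 eq www
access-list OUTSIDE_IN extended permit tcp any host 192.0.2.12 eq https

! --- After: the same flows described once with object groups ---
! Group the destination hosts (constructed names and addresses).
object-group network WEB_SERVERS
 network-object host 192.0.2.10
 network-object host 192.0.2.11
 network-object host 192.0.2.12

! Group the TCP destination ports.
object-group service WEB_PORTS tcp
 port-object eq www
 port-object eq https

! One configured entry now covers every server/port combination.
! Adding a server later is a single network-object line in WEB_SERVERS.
access-list OUTSIDE_IN extended permit tcp any object-group WEB_SERVERS object-group WEB_PORTS

! Bind the ACL to the outside interface for inbound traffic.
access-group OUTSIDE_IN in interface outside
```

On an ASA, `show access-list OUTSIDE_IN` lists the individual entries beneath the object-group line, which lets you confirm that the grouped rule covers the same flows as the original six lines.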

...