The below will appear on the Refined page at Firewalls : FAQ
QUESTION | ANSWER |
|---|---|
What is a ‘segregated network’ in the context of Cyber Essentials? | A segregated network is part of a network that is behind a firewall or separated using a VLAN. If you are using this to remove devices from scope, any internet connections must also be blocked by the firewall or VLAN. |
When using a third-party network (e.g. in a managed office) where details of the firewall or router are unavailable, how do we meet the firewall requirements? | If the third party is unwilling or unable to provide the details of their firewall or router, you need to use software firewalls on the end user devices or purchase your own equipment to use as the boundary. |
How can we tell if a router has a firewall built in? | Most routers will have a built-in firewall. If you do not have a separate firewall, we would suggest that the router is where the firewall rules are applied. If it is an ISP supplied home router, this would not need to be included in the scope. If you need to set up a router owned by your organisation, visit the vendor website for details about the available features and how to apply the firewall rules. |