Type | ID | Question | Answer | Source |
|---|---|---|---|---|
3RD_PARTY | FW0001 | When using a third-party network (e.g. in a managed office) where details of the firewall or router are unavailable, how do we meet the firewall requirements? | If the third party is unwilling or unable to provide the details of their firewall or router, you need to use software firewalls on the end user devices or purchase your own equipment to use as the boundary. | CHANGES 280423 |
SECURITY | FW0002 | From a eduroam / unmanaged network / vpn point of view firewalled do we need to implement a VDE to allow access ? | 0 | UCISA_110523 |
VPN | FW0003 | Clients have cloud VPN and when they fill in the 4.5 firewall services they answer No. 5.4 internally hosted services - no. IASME moderation raises this as issue and expects to answer as yes. The client has got cloud VPN which is not hardware installed on their network. IASME might need to include this in type of cloud VPN/firewall in the marking scheme. | We'll add it as feedback and see if the scheme manager wants to add that into the marking guide | AW_230523 |
SECURITY | FW0004 | How can we tell if a router has a firewall built in? | Most routers will have a built-in firewall. If you do not have a separate firewall, we would suggest that the router is where the firewall rules are applied. If it is an ISP supplied home router, this may not need to be included in the scope. If you need to set up a router owned by your organisation, visit the vendor website for details about the available features and how to apply the firewall rules. | QUESTIONS_300823 |
SECURITY | FW0005 | Is it possible to permit Remote Desktop access and still be compliant with the guidelines in Cyber Essentials? | As others have stated, it is still possible to gain Cyber Essentials. | LINKEDIN_290923 |
General
Content
Integrations