Firewalls

Content

Firewalls : FAQ

24/01/24

24/01/24

JC/NF

24/07/24

16/09/24

Why is it important to have a firewall?

A firewall monitors network traffic and only allows connections according to a set of security rules. It helps to protect your network from unauthorised access. It can be either a physical device or a piece of software. See the following article for details :

Firewalls main article

What is a software firewall?

A software firewall is a program running on a device which controls what connections are allowed to that device. Most common desktop and laptop operating systems include a built-in software firewall.

Are home routers supplied by Internet Service Providers in scope?

No , home routers supplied by the remote worker’s internet provider are not in scope for Cyber Essentials.

What is a VPN?

A VPN or Virtual Private Network is a way of encrypting your information so that it cannot easily be intercepted or read by a third party.

What is a port?

A port is the start or end point of a connection. They are used by programs and services to exchange information and help computers understand what to do with the data they receive. Ports are standardised across all network-connected devices, with each port assigned a number. Most ports are reserved for certain roles or ‘protocols’ — for example, all Hypertext Transfer Protocol (HTTP) messages go to port 80.

What does ‘correctly configured’ mean for a firewall in a Cyber Essentials assessment?

You must change the default password, prevent internet access to the firewall configuration, and block unauthenticated inbound connections. In addition any firewall rules for inbound connections must be approved and documented, and any unnecessary firewall rules should be removed when not needed.

What should be done if a device is connecting to a network that isn’t controlled by the organisation, such as a public wifi hotspot?

You need to ensure that the software firewall is configured on your device (for example, Windows Defender or MacOS firewall).

When using a third-party network (e.g. in a managed office) where details of the firewall or router are unavailable, how do we meet the firewall requirements? 

If the third party is unwilling or unable to provide the details of their firewall or router, you need to use software firewalls on the end user devices or install your own device to use as the boundary.

How can you tell if a router has a firewall built in?

Most routers will have a built-in firewall. If you do not have a separate firewall, we would suggest that the router is where the firewall rules are applied. A home router supplied by your internet service provider would not need to be included in the scope, however business routers would be. If you need to set up a router owned by your organisation, visit the vendor website for details about the available features and how to apply the firewall rules.

Is a commercial VPN such as NordVPN considered compliant for Cyber Essentials?

Commercial VPNs are not considered compliant because there is no control of the internet boundary. You don’t have any control over the gateways and no central policy management or centralised management console are involved. An acceptable VPN solution should have a secure tunnel to corporate systems behind a managed firewall or be a cloud solution with centralised policy management system.