Frequently Asked Questions about the Cyber Essentials Control
The below will appear on the Refined page at Firewalls : FAQ
QUESTION | ANSWER |
|---|---|
Clients have cloud VPN and when they fill in the 4.5 firewall services they answer No. 5.4 internally hosted services - no. IASME moderation raises this as issue and expects to answer as yes. Absolutely correct. The client has got cloud VPN which is not hardware installed on their network. IASME might need to include this in type of cloud VPN/firewall in the marking scheme. | We'll add it as feedback and see if the scheme manager wants to add that into the marking guide |
For third parties that manage network devices (e.g. routers and firewalls) and won't give out technical details, won't the third parties CE+ certification be sufficient? | Where they are unwilling to provide the information, (in a managed office for example), you can purchase your own boundary equipment and use that as your boundary, or use software firewalls to create your own boundaries. |