One of the five major controls for the Cyber Essentials Scheme is to configure and deploy a network firewall. A firewall is a network security system that creates a buffer zone between your company’s network and external networks. In simple terms, a secure zone is created between devices in an organisation and the internet.
Cyber Essentials requires that all devices that are connected to the internet should be protected with a firewall. We will explain this requirement and how to comply with it from a non-technical perspective.
Types of firewall
Before we proceed, it is important to understand the two types of firewall that can be used. A personal firewall can be installed on internet-connected desktops or laptops. Most operating systems come with a built-in personal firewall.
A boundary firewall, or network firewall, can be used if you have a mix of different devices in your organisation. It provides a protective buffer around your entire network. In most cases, deploying a boundary firewall means setting up a hardware firewall, i.e. a dedicated firewall appliance.
Understanding how firewalls work
Devices communicating with other devices and services across networks give attackers a point of entry. Restricting this communication reduces the risk of attack. Firewalls help you achieve this by ensuring that only safe and necessary network services can be accessed from external networks such as the internet.
A network firewall is a dedicated network device that restricts inbound and outbound traffic between your network and external devices and services. It prevents desktops, laptops, and mobile devices within the network from being exposed to malicious or harmful traffic.
Firewalls accomplish this by implementing restrictions known as firewall rules. These rules allow or block traffic entering the network depending on its source, destination, and communication protocol.
Firewall requirements of Cyber Essentials
The Cyber Essentials certification requires businesses to use and configure a firewall to protect all devices, particularly the ones that are connected to public or untrusted Wi-Fi networks. Every device in this scope must be protected by a properly configured firewall.
To comply with Cyber Essentials, organisations must:
- Disable permissive firewall rules once they become obsolete.
- Make use of personal firewalls on devices that are on untrusted networks such as a public Wi-Fi hotspot.
- Block unauthenticated and untrusted inbound connections by default.
- Ensure that manufacturer passwords and default settings are reviewed and updated according to the organisation’s security requirements.
- Make use of strong administrative passwords for firewalls. This means that the passwords should contain a mix of upper and lower-case characters, numbers, and symbols. Alternatively, remote administrative access should be disabled altogether.
- Use firewall rules that are approved and documented by an authorised individual such as the security administrator.
- Restrict access to the administrative interface. This interface is used to manage and configure the firewall from the internet. If there is a business need to provide such access, the interface should be protected with:
  - Two-factor authentication.
  - An IP whitelist that limits access to the interface to a small number of devices only.
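As an added illustration (example code written for this page, not part of the original article or of CyberSmart's tooling), here is a small Python model of the rule logic described above: rules keyed on source, destination port and protocol, inbound traffic blocked by default, the administrative interface reachable only from an IP allow-list, and an audit that flags permissive "any source" rules with no expiry date or a past one. The rule names, addresses and dates are constructed, not taken from any real deployment.

```python
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass
class Rule:
    name: str
    action: str                      # "allow" or "block"
    src: str                         # source CIDR; "any" matches every source
    dst_port: Optional[int]          # destination port; None matches any port
    proto: str                       # "tcp" or "udp"
    expires: Optional[date] = None   # permissive rules should carry an expiry date


def matches(rule: Rule, src_ip: str, dst_port: int, proto: str, today: date) -> bool:
    """A rule matches when source, destination port and protocol all match
    and the rule has not passed its expiry date."""
    if rule.expires is not None and today > rule.expires:
        return False  # obsolete rule: treated as disabled
    if rule.proto != proto:
        return False
    if rule.dst_port is not None and rule.dst_port != dst_port:
        return False
    return rule.src == "any" or ip_address(src_ip) in ip_network(rule.src)


def decide_inbound(rules: List[Rule], src_ip: str, dst_port: int, proto: str, today: date) -> str:
    """First matching rule wins; an inbound connection no rule matches is blocked by default."""
    for rule in rules:
        if matches(rule, src_ip, dst_port, proto, today):
            return rule.action
    return "block"


def audit_permissive(rules: List[Rule], today: date) -> List[str]:
    """Names of allow rules open to any source that have no expiry or have already expired."""
    return [r.name for r in rules
            if r.action == "allow" and r.src == "any"
            and (r.expires is None or today > r.expires)]


# Constructed ruleset (assumed values): admin UI only from a small office range,
# a time-limited vendor SSH rule, and a legacy rule that was never given an expiry.
RULES = [
    Rule("admin-ui-from-office", "allow", "203.0.113.0/29", 443, "tcp"),
    Rule("vendor-support", "allow", "any", 22, "tcp", expires=date(2024, 1, 31)),
    Rule("legacy-ftp", "allow", "any", 21, "tcp"),
]
```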
A firewall is used for securing devices within a network and mitigating the risks of outsider attacks. Setting up a properly configured firewall is one of the first steps towards a Cyber Essentials certification.
If you would like to learn more about network firewalls and how to configure them for Cyber Essentials, contact us right away. CyberSmart partners with you to make your journey towards becoming a secure and compliant organisation simpler and easier.