Cyber Essentials Plus Firewall Requirement

Lets take a look at the Firewall technical control required to pass Cyber Essentials Plus

Written by: David Henderson on Jan 01, 2023

The threat of cyber attacks on organisations continues to grow with more and more businesses in every industry falling victim to data. As these threats continue to evolve in sophistication, it has become essential for organisations to strengthen their cyber resilience.

The Cyber Essentials Plus certification offers help to businesses who want to safeguard themselves from the most common cyber threats. One critical control the certification places emphasis on is Firewall protection.

In this article, we look at the significance of firewalls, how they play a pivotal role in protecting your business from cyber attacks and the technical requirements you must meet to obtain your certification.

What Is a Firewall?

A firewall is typically a software network security tool that monitors both incoming and outgoing network traffic and decides whether to allow or prohibit certain data based on predefined security guidelines.

Firewalls come in many different shapes and forms and can be installed on individual devices or at a network level. They are often seen as a first line of defence against incoming malicious attempts to gain access to a device or network.

Requirements for the Cyber Essentials Plus Firewall Requirement

Under the Cyber Essentials Plus certification, organisations must demonstrate that they have appropriate firewall protection in place. The scope of this control covers all internet-connected devices including boundary firewalls, desktop computers, laptop computers, routers and servers.

In addition, the cyber essentials plus firewall requirement will require you to follow these best practices:

  • Change any default administrative password to an alternative that is difficult to guess (see Password-based authentication) — or disable remote administrative access entirely
  • Prevent access to the administrative interface (used to manage firewall configuration) from the Internet, unless there is a clear and documented business need and the interface is protected by one of the following controls: o a second authentication factor, such as a one-time token o an IP whitelist that limits access to a small range of trusted addresses
  • Block unauthenticated inbound connections by default
  • Ensure inbound firewall rules are approved and documented by an authorised individual; the business need must be included in the documentation
  • Remove or disable permissive firewall rules quickly, when they are no longer needed. Use a host-based firewall on devices which are used on untrusted networks, such as public Wi-Fi hotspots.

Need help?

Email Us
email hidden; JavaScript is required

Call Us
+ 4428 9099 5777

Or send us a quick message

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.