Cyber Essentials Section 1 - Firewalls and Internet Gateways

The Cyber Essentials is a UK government-backed framework which is designed to assist organisations in protecting themselves against common threats.  The Cyber Essentials provides a basic cyber security foundation that can serve as a stepping stone to a more comprehensive zero-trust approach. The Cyber Essentials is built on 5 key components that, when implemented correctly, can reduce cyber risk.  The five key components are:

1. Firewalls and Boundary Devices
2. Secure Configurations
3. Access Control
4. Malware Protection
5. Patch Management

Tenable has released a series of dashboards, that focuses on each of the five basic technical controls, which organisations can use to help strengthen their defences against the most common cyber threats.

The focus of this dashboard is Section 1 - Firewalls and Internet Gateways.  Key components of this section apply to all the following in scope devices: Boundary Firewalls, Desktop Computers, Laptops, Routers, Servers, Iaas, PaaS, and SaaS devices.  Devices must be secure and only necessary network services should be able to be accessed from the Internet. The objective of this key component is the control of inbound/outbound traffic.

This requirement applies to every in scope device, and can be achieved using Boundary Firewalls to restrict inbound or outbound traffic, a software firewall which is installed and configured on each end point device, or for cloud services, data flow policies. Most end point devices, such as desktops and laptops come with software firewalls pre-installed, and the Cyber Essentials recommends that these services be enabled.  Essentially, every in scope device must be protected by either a properly configured firewall, or a network device with firewall functionality. 

Widgets

• Firewall Rule Enumeration - The Firewall Rule Enumeration widget provides statistical details on firewall compliance results.  

• Infosec Team Asset Discovery Inventory - This statistics widget displays information related to Asset Discovery and Inventory.

• Active Ports Summary - This bar chart displays vulnerability severity data related to all ports except well known ports.  The information displayed includes the severity, and a count for each port number identified.

• Active Well Known Ports Summary - This bar chart  displays vulnerability severity data related to well known ports.  The information displayed includes the severity, and a count for each port number. 

• Firewall and Boundary Device Detected - This table displays firewall and boundary devices that have been enumerated in the environment