1. Firewalls
Secure your network boundaries.
The aim of this control is to ensure that network services are protected from unauthorised access.
This control expects organisations to:
Change default admin passwords or disable remote admin access.
Disable admin access from the internet unless there is a legitimate business need for such access. If access is required, this should be protected by multi-factor authentication or an IP allow list.
Block unauthenticated inbound connections by default.
Ensure inbound firewall rules are approved and documented by an authorised individual with the business need for the rule stated.
Remove or disable unneeded firewall rules as soon as they are no longer required.
Ensure devices have software firewalls installed if they will be used on untrusted networks, such as public wi-fi.
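One way to check a firewall rule register against the expectations above (default block, documented approval and business need, removal of unneeded rules, protected admin access). This is an added example, not part of the control text; the register layout, field names and sample rules are assumptions constructed for illustration.

```python
import ipaddress

def open_to_internet(sources):
    """True if any source network covers the whole address space (prefix length 0)."""
    return any(ipaddress.ip_network(s).prefixlen == 0 for s in sources)

def audit(default_inbound, rules):
    """Return (rule id, finding) pairs for inbound allow rules that depart from the control."""
    findings = []
    if default_inbound != "block":
        findings.append(("policy", "inbound connections are not blocked by default"))
    for r in rules:
        if not r["enabled"]:
            continue  # a disabled rule exposes nothing
        if not (r["approved_by"] and r["business_need"]):
            findings.append((r["id"], "no approver or business need recorded"))
        if not r["still_required"]:
            findings.append((r["id"], "no longer required but still enabled"))
        if r["admin"] and open_to_internet(r["sources"]) and not r["mfa"]:
            findings.append((r["id"], "admin access from the internet without MFA or an IP allow list"))
    return findings

def _rule(rule_id, sources, admin=False, mfa=False, approved_by="",
          business_need="", still_required=True, enabled=True):
    # Hypothetical register entry for one inbound allow rule.
    return dict(id=rule_id, sources=sources, admin=admin, mfa=mfa, approved_by=approved_by,
                business_need=business_need, still_required=still_required, enabled=enabled)

# Constructed sample register (names and addresses are illustrative only).
SAMPLE_RULES = [
    _rule("web", ["0.0.0.0/0"], approved_by="j.smith", business_need="Public website"),
    _rule("fw-admin", ["0.0.0.0/0"], admin=True, approved_by="j.smith", business_need="Remote support"),
    _rule("vpn-admin", ["203.0.113.0/24"], admin=True, approved_by="j.smith", business_need="Office admin"),
    _rule("legacy-ftp", ["0.0.0.0/0"], still_required=False),
    _rule("old-rdp", ["0.0.0.0/0"], admin=True, enabled=False),
]

if __name__ == "__main__":
    for rule_id, finding in audit("block", SAMPLE_RULES):
        print(f"{rule_id}: {finding}")
```

An admin rule whose sources are all specific networks counts as protected by an IP allow list; a source of 0.0.0.0/0 or ::/0 is treated as the whole internet.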