Working from Home, Firewall Security Guide – Part 1/5 (UK Cyber Essentials)

Original Post : https://www.linkedin.com/pulse/working-from-home-firewall-security-guide-part-15-uk-chani-simms/

Using a firewall to secure your Internet connection

Using a firewall to secure your Internet connection

This is not rocket science. Most of us use a smartphone. If you can find your way around a smartphone you are tech savvy enough to configure your home firewall/ router. Here are some very basic instructions.

There are two types of firewalls; boundary firewalls and end point or your device firewalls

Boundary Firewalls

Your boundary firewall/router is usually your internet router or the dongle that you buy from your Internet Service Provider (ISP) example: sky router, BT WIFI router, SLT router, WIFI/3G/4G dongle. Most routers will contain a firewall which could be used for boundary protection.

When you protect your Internet connection with a firewall, it creates a ‘buffer zone’ between your IT network and the outside world. By doing this your computers, mobile phones and all your internet connected devices behind the buffer zone can be protected, by the firewall analysing the incoming traffic to find out whether or not it should be allowed onto your network. Most firewalls these days allow all internally initiated traffic out and block everything externally initiated in, by default.

It is important that you have firewalls at the boundary between internally connected devices and the internet.
When you first receive an internet router or hardware firewall device, it would have come with a default password. One of the first things should do is to change this default password to a strong password or passphrase with at least 20 characters. This way you can stop any unauthorised person accessing your firewall/router. You can achieve this by doing the below:

To access your wireless router’s settings, you must find the default gateway IP address as this is usually your router IP. You can find this by running the following command in a command prompt on a Windows machine. Or you can use this article to for other operating systems https://www.purevpn.com/what-is-my-ip/default-gateway

C:\>ipconfig|find "Default"

Default Gateway . . . . . . . . . : 192.168.0.1

Type the value returned, in this case “192.168.0.1” into your web browser. When the page has loaded, try enter the username and password for the router. If you are struggling, Google how to configure the model of your router.

Find the option to change password. Once you change the password, make sure you write it down and hide it in a safe place or save it in your password vault and never use the same password for anything else.

You can also change the SSID of your router if you like, but don’t give names that would make it easier for strangers to identify which house/flat it is.

Enable WPA3 (Wi-Fi Protected Access version 3) if your device supports it else use WPA2, to encrypt your network traffic in order to prevent unauthorised users in the area using your internet. By doing this you are adding another layer of security, so only the users with a valid passphrase can connect to use your internet connection. You can enable this through the configuration settings in your router and adding a strong passphrase to access the network.
Check if the router is patched with all the latest firmware and software.
By default, most firewalls block all services. Make sure you do not have any services advertised or enabled that are accessible externally from the internet.
You can also set up different networks for guests, kids and office work, if you have more advanced kit. This article does not go into the details and if you need any help on this subject reach out to us and we will be happy to help.
Make sure your internet routers or hardware firewalls are configured to NOT allow access to their configuration settings over the internet. This setting is disabled on most devices, but some ISP’s enable this, so make sure you find the setting that usually says “allow remote administration of this device” and disable it. This will stop unauthorised users accessing your configurations settings over the internet. If you really need external access, then try to have it protected by either two-factor authentication or by only allowing trusted IP addresses to access the settings.

Endpoint firewalls

Endpoint firewalls are your software firewalls on your laptop or desktop, this usually comes with your Operating System (OS) at no extra charge. Example: Windows Defender Firewall on the Windows operating systems. This acts as another layer of protection. Make sure your devices’ software firewalls are enabled and working correctly.

How Meta Defence Labs can help you? we are an award wining team of security experts & a UK government accredited certification body for the UK Cyber Essentials and IASME frameworks.

Complementary consultancy and compliance pre-check with a cybersecurity consultant
Remote or onsite audits
Certification for Cyber Essentials & IASME (Information Assurance for Small to Medium Enterprises) Frameworks
Remote or onsite assistance on implementation
Telephone and e-mail support
One -to-one guidance with an Cyber Essentials & IASME assessor

If you like some help contact us on : info@MetaDefenceLabs.com , +44 (0) 203 222 4060

Produced by:

Chani Simms - SHe CISO Exec. Founder | Cybersecurity & GDPR Consultant | Managing Director & Co-Founder of Meta Defence Labs UK & Sri Lanka.

Chani is a C-level advisor, virtual CISO, ISO27001 and IASME auditor, UK Cyber Essentials assessor and specialist in helping organisations to implement and manage information security and data protection programs. Has been an information technology professional for over 17 years.

The Top 25 Most Inspirational Women In Cybersecurity 2020 - IT Security Guru
The 50 Most Influential Women In Cybersecurity 2019 Winner - SC Media UK
2020 Winner -
2019 Winner - (ISC)2 Information Security Leadership Awards: 'Woman Information Security Professional' EMEA.
Formally named to the IFSEC Global “Top Influencers in Security & Fire” for 2019. Ranked #1 in the Ones-to-Watch category.
Shortlisted for TechWomen50 Awards 2017