Are your boundary firewalls configured to allow access to their configuration settings over the internet?
What this question is really asking
Confirm whether your firewall's configuration interface is accessible over the internet. The answer should be no for most organisations. Remote management interfaces on firewalls are a significant attack surface and should only be accessible from trusted, defined IP ranges at most.
What satisfies this requirement
Yes or NoAnswer No if config settings only accessible via VPN or not externally accessible.
What to prepare before your assessor visit
The answer here should be no for almost every organisation. If your managed service provider requires remote access to your firewall, that access should go through a VPN or a dedicated management network — not a management interface directly exposed to the internet. An internet-accessible admin portal on a firewall is a significant vulnerability and will draw serious scrutiny.
How this question sits across CE versions
Related policy templates
Getting certified means having documentation to back it up. These policy templates cover the controls this question tests.
Does your organisation meet this requirement?
Answer 30 plain-English questions and find out exactly where you stand across all 5 Cyber Essentials control areas — with a prioritised list of what to fix first.