Lesson 3.4 — Network equipment: routers, firewalls and what not to list

This lesson helps the learner identify which routers and firewalls must be listed as in-scope network equipment for Cyber Essentials.

CE questionnaire questions: A2.5, A2.5.1

What You'll Be Able to Do

By the end of this lesson, you will be able to:

  • create a clear list of in-scope routers and firewalls
  • avoid listing unnecessary equipment such as switches or access points that do not route internet traffic or provide firewall functions
  • avoid listing home routers
  • identify any equipment used to create sub-sets for partial scope.

Why This Matters

This lesson explains what must be included, what must not be included, how to record make, model and quantity, and how to handle equipment used to create sub-sets in a partial-scope assessment.

The most common problems are:

  • listing every switch and access point even when they do not route internet traffic or provide firewall functions;
  • failing to list an ISP-supplied business router that acts as the internet boundary;
  • failing to list a branch-office firewall;
  • failing to list a virtual firewall protecting hosted infrastructure.

The Core Rule

A2.5 asks for the network equipment in scope, including firewalls and routers.

You must include make, model and quantity.

Common Mistakes

  • listing every switch and access point even when they do not route internet traffic or provide firewall functions;
  • failing to list an ISP-supplied business router that acts as the internet boundary;
  • failing to list a branch-office firewall;
  • failing to list a virtual firewall protecting hosted infrastructure;
  • writing only “router” or “firewall” instead of make and model;
  • omitting quantities.
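
The inclusion rules and common mistakes above, applied to an asset inventory export. This is an added example, not part of the lesson or of the Cyber Essentials materials. The inventory, its column layout, every make and model name and the function names are constructed assumptions, and the inventory is assumed to cover only networks inside the assessment scope.

```python
from collections import Counter

# Constructed sample inventory; every make, model and location is made up.
# Columns: kind, make, model, location, routes internet traffic or acts as firewall
INVENTORY = [
    ("router",           "ExampleISP",   "Hub-5", "head office", True),   # ISP-supplied boundary router
    ("firewall",         "ExampleFW",    "F-60",  "head office", True),
    ("firewall",         "ExampleFW",    "F-60",  "branch",      True),   # branch-office firewall
    ("virtual firewall", "ExampleCloud", "vFW",   "hosted",      True),   # protects hosted infrastructure
    ("switch",           "ExampleSw",    "S-24",  "head office", False),
    ("switch",           "ExampleSw",    "S-48R", "head office", True),   # switch that also routes
    ("access point",     "ExampleAP",    "AP-2",  "branch",      False),
    ("router",           "HomeBrand",    "HB-1",  "home",        True),   # remote worker's home router
    ("firewall",         "ExampleFW",    "",      "branch",      True),   # model was never recorded
]

ALWAYS_LISTED = {"router", "firewall", "virtual firewall"}


def in_scope(kind, location, routes_or_firewalls):
    """Apply the lesson's rules for what belongs in the A2.5 answer."""
    if location == "home":
        return False  # home routers are not listed
    # Switches and access points count only if they route or firewall.
    return kind in ALWAYS_LISTED or routes_or_firewalls


def build_register(inventory):
    """Return (register lines with make, model and quantity, problems to fix)."""
    counts, problems = Counter(), []
    for kind, make, model, location, boundary in inventory:
        if not in_scope(kind, location, boundary):
            continue
        if not make.strip() or not model.strip():
            # Writing only "router" or "firewall" is one of the common mistakes.
            problems.append(f"{kind} at {location}: make or model missing")
            continue
        counts[(make, model, kind)] += 1
    rows = [f"{qty} x {make} {model} ({kind})"
            for (make, model, kind), qty in sorted(counts.items())]
    return rows, problems


if __name__ == "__main__":
    rows, problems = build_register(INVENTORY)
    print("\n".join(rows))
    print("To fix before submitting:", problems)
```

Entries reported as problems need their make and model looked up before the register is copied into the questionnaire.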

Copy This

Work through the workbook activity for this lesson. Each question maps directly to the CE questionnaire.

Quick Checklist

Before moving on, make sure you can answer each of these:

  • [ ] What does A2.5 ask for?
  • [ ] What details must be included for each router or firewall in A2.5?
  • [ ] Should IP addresses, MAC addresses or serial numbers be included in A2.5?
  • [ ] Do ordinary switches and wireless access points always need to be listed?
  • [ ] Should home routers and firewalls belonging to remote workers be listed in A2.5?

Your Action

Do this now — it takes 10–20 minutes.

List every piece of network equipment in scope: routers, switches, firewalls. Record make and model. Add to Section A2.

Key Takeaway

The network equipment register created here feeds directly into the firewall and security update management modules.

Your Workbook Activity

Complete: Network equipment register

This covers questionnaire questions: A2.5, A2.5.1

Next Lesson

In the next lesson: Laptops, desktops and virtual desktops: make, OS and scope completeness