Re: [fw-wiz] Using linux firewalls for PCI compliant infrastructure

On Wed, 25 Nov 2009 00:37:07 +0200
Siim Põder <siim@xxxxxxxxxxxxxxx> wrote:

We are using linux-based servers as firewalls for PCI compliant
infrastructure. During audits it has been OK so far but security
people internally have suggested that maybe a commercial product would
be better suited for PCI infrastructure (as it is pretty critical).

I'm personally very happy with the iptables firewalls - we can use all
the standard components for firewalls that we use for everything else
(including standard administration methods, patching and so forth).

What do you think, would a commercial firewall provide a tangible
improvement in security?
Is anyone else using linux-based firewalls for PCI (or otherwise
sensitive) infrastructure?

You could have your cake and eat it too by purchasing a shrink-wrap
Linux firewall. I have a client that had a regulatory requirement
to use an ICSA certified firewall and was able to satisfy that
requirement with one of those commercial Linux firewalls.

Dr. Everett (Skip) Carter Phone: 831-641-0645 FAX: 831-641-0647
Taygeta Scientific Inc. e-mail: skip@xxxxxxxxxxx
1340 Munras Ave., Suite 314 WWW:
Monterey, CA. 93940

firewall-wizards mailing list