Re: [fw-wiz] Using linux firewalls for PCI compliant infrastructure



On Tue, Nov 24, 2009 at 14:37, Siim Põder <siim@xxxxxxxxxxxxxxx> wrote:
Hi

We are using linux-based servers as firewalls for PCI compliant
infrastructure. During audits it has been OK so far but security
people internally have suggested that maybe a commercial product would
be better suited for PCI infrastructure (as it is pretty critical).

I'm personally very happy with the iptables firewalls - we can use all
the standard components for firewalls that we use for everything else
(including standard administration methods, patching and so forth).

What do you think, would a commercial firewall provide a tangible
improvement in security?
Is anyone else using linux-based firewalls for PCI (or otherwise
sensitive) infrastructure?

Thanks,
Siim

Following on from a couple of other posts, you could potentially use
fwbuilder (http://www.fwbuilder.org/) as a front end, and argue that
the results are equivalent to some number of commercial offerings, for
which fwbuilder makes equivalent configurations.

Kurt
_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards


Relevant Pages

  • Using linux firewalls for PCI compliant infrastructure
    ... During audits it has been AOK so far but security ... be better suited for PCI infrastructure. ... I'm personally very happy with the iptables firewalls - we can use all ...
    (Pen-Test)
  • [fw-wiz] Using linux firewalls for PCI compliant infrastructure
    ... During audits it has been OK so far but security ... be better suited for PCI infrastructure. ... I'm personally very happy with the iptables firewalls - we can use all ...
    (Firewall-Wizards)
  • Re: [fw-wiz] Using linux firewalls for PCI compliant infrastructure
    ... During audits it has been OK so far but security ... be better suited for PCI infrastructure. ... I'm personally very happy with the iptables firewalls - we can use all ...
    (Firewall-Wizards)
  • Re: Defense in Depth
    ... What is meant by "layers" of security, is this: the entry points that must be ... Physical Layer - Physical access to the resources. ... attacks and other attacks that go after the software itself. ... "layer" in one long chain (lots of firewalls). ...
    (Security-Basics)
  • RE: Wireless Security for Home Users
    ... for most home users to create and/or manage 2 firewalls and a DMZ. ... As with most network security, ... investigate additional security features available from the WAP ...
    (Security-Basics)