Using linux firewalls for PCI compliant infrastructure
- From: Siim Põder <siim@xxxxxxxxxxxxxxx>
- Date: Fri, 20 Nov 2009 19:05:48 +0200
Hi
We are using linux-based servers as firewalls for PCI compliant
infrastructure. During audits it has been AOK so far but security
people internally have suggested that maybe a commercial product would
be better suited for PCI infrastructure (as it is pretty critical).
I'm personally very happy with the iptables firewalls - we can use all
the standard components for firewalls that we use for everything else
(including standard administration methods, patching and so forth).
What do you think, would a commercial firewall provide a tangible
improvement in security?
Is anyone else using linux-based firewalls for PCI (or otherwise
sensitive) infrastructure?
Best regards,
Siim
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- Prev by Date: Re: Malware Analysis
- Next by Date: Re: Firewall Type Fingerprinting
- Previous by thread: Re: Malware Analysis
- Next by thread: Penetrating a MySql Server
- Index(es):
Relevant Pages
|
