RE: PCI-DSS and IPS
- From: Steve Majot <steve@xxxxxxxxxxxxx>
- Date: Fri, 20 Feb 2009 09:50:31 -0700
Requirement 11.4 of PCI DSS 1.2:
Use intrusion-detection systems,
and/or intrusion-prevention systems to
monitor all traffic in the cardholder data
environment and alert personnel to
suspected compromises. Keep all
intrusion-detection and prevention
engines up-to-date.
The goal here is to monitor traffic for anything that might present a
threat to PCI scoped data. I doubt an auditor will fault you for using a
UTM appliance as opposed to standalone firewall and IPS devices. Keep in
mind UTM signature sets are frequently leaner than those used by dedicated
IDS/IPS appliances. If you do go with a UTM at the edge, you might consider
utilizing open source IDS/IPS solutions at key locations on the inside as
well.
https://www.pcisecuritystandards.org/security_standards/pci_dss_download.html
Steve
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] On
Behalf Of raimarm@xxxxxxxxx
Sent: Friday, February 20, 2009 4:20 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: PCI-DSS and IPS
Hi All,
I am a technical orientated guy and not sure about my following question.
Is a IPS system in regards to PCI-DSS obligatory ?
If yes, would it be possible to take a FW with IPS functionality
rather to buy a dedicated IPS (like deep-inspection, smart-defense and
the like).
Many Thanks
rm
- Prev by Date: RE: PCI-DSS and IPS
- Next by Date: Re: Re: mail server vulnerability
- Previous by thread: RE: PCI-DSS and IPS
- Next by thread: Antivirus under Windows 2003 Server
- Index(es):
Relevant Pages
|
