Firewall Configuration for PCI DSS: Installation and Maintenance Checklist
Installation and maintenance checklist for configuring a firewall so that it complies with PCI DSS:
1. The PCI DSS requires a firewall that provides stateful inspection, also known as dynamic packet filtering.
2. Stateful inspection firewalls offer strong security along with good performance and transparency to end users, unlike packet-filtering and proxy firewalls.
3. Document your dataflow in order to aid the system and security administrators in configuring the firewall with the proper rule set.
4. Disable or remove all unneeded ports, protocols, and services not required for business purposes.
5. Deny all traffic into and out of the firewall that is not required for business purposes.
6. Your firewalls and routers must have documented configuration standards, and the rule sets of each should be reviewed at least quarterly.
source: PCI Compliances, Tony Bradley 2007
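The rule-set review in items 3, 5 and 6 can be partly automated by comparing the firewall's allow rules against the documented data flows. The following is an added example, not taken from the source cited above; the `Rule` model, zone names and sample rules are constructed for illustration, and matching is by exact tuple (no CIDR or port-range overlap handling).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:  # hypothetical vendor-neutral rule model
    action: str      # "allow" or "deny"
    direction: str   # "in" or "out"
    src: str
    dst: str
    proto: str
    port: str

    def flow(self):
        return (self.direction, self.src, self.dst, self.proto, self.port)

# Constructed data-flow documentation (item 3): traffic with a business need.
DOCUMENTED_FLOWS = {
    ("in", "any", "web-dmz", "tcp", "443"),
    ("out", "app-cde", "acquirer-gw", "tcp", "443"),
}

# Constructed rule set, in evaluation order.
RULES = [
    Rule("allow", "in", "any", "web-dmz", "tcp", "443"),
    Rule("allow", "in", "any", "web-dmz", "tcp", "23"),    # not documented
    Rule("allow", "out", "app-cde", "any", "any", "any"),  # overly broad
    Rule("allow", "out", "app-cde", "acquirer-gw", "tcp", "443"),
    Rule("deny", "in", "any", "any", "any", "any"),
]

def audit(rules, flows):
    """Return findings as (kind, detail) tuples for a periodic review."""
    findings = []
    # Items 4 and 5: every allow rule must map to a documented flow.
    for n, r in enumerate(rules, 1):
        if r.action == "allow" and r.flow() not in flows:
            findings.append(("undocumented-allow", n))
    # Item 5: each direction must end with an explicit deny-all rule.
    for direction in ("in", "out"):
        scoped = [r for r in rules if r.direction == direction]
        last = scoped[-1] if scoped else None
        if not last or last.action != "deny" or last.flow()[1:] != ("any",) * 4:
            findings.append(("no-default-deny", direction))
    # Item 3: a documented flow with no rule means the documentation is stale.
    implemented = {r.flow() for r in rules if r.action == "allow"}
    for f in sorted(flows - implemented):
        findings.append(("documented-flow-without-rule", f))
    return findings

if __name__ == "__main__":
    for kind, detail in audit(RULES, DOCUMENTED_FLOWS):
        print(kind, detail)
```
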