Educause Security Discussion mailing list archives
Re: Merchant services credit card project
From: Willis Marti <wmarti () TAMU EDU>
Date: Sun, 26 Jun 2005 22:19:39 -0500
For example, the term public facing (used in the self assessment) is something that we don't seem to agree on here. Does this mean the public Internet or basically anyone (including campus users) that interface to the front-end transaction gateway?
We have about 10 different processing sites physically on our main campus. Our understanding is that for each processing system, I have to establish a demarcation point, using a firewall that does NAT, such that all traffic to a credit card system flows through that firewall. Any system "behind" the firewall must be covered by the assessment. Anything outside that firewall is the public. So we have a campus (and some departmental) firewall, but we also have a firewall in front of every processing system. Our residence halls, for example, are behind the campus firewall, but are "public" compared to any of the card processing systems. Cheers, Willis Marti Associate Director for Networking Computing & Information Services Texas A&M University
Current thread:
- Merchant services credit card project Theresa M Rowe (Jun 24)
- <Possible follow-ups>
- Re: Merchant services credit card project Scott Genung (Jun 26)
- Re: Merchant services credit card project Willis Marti (Jun 26)
- Re: Merchant services credit card project Scott Genung (Jun 26)
- Re: Merchant services credit card project Steve Bernard (Jun 26)
- Re: Merchant services credit card project Steve Bernard (Jun 26)
- Re: Merchant services credit card project Willis Marti (Jun 27)
- Re: Merchant services credit card project Willis Marti (Jun 27)
- Re: Merchant services credit card project Theresa M Rowe (Jun 27)