Firewall Wizards mailing list archives
Re: PCI DSS & Firewalls
From: Chris Blask <chris () blask org>
Date: Thu, 2 Apr 2009 20:18:25 -0700 (PDT)
From: Paul D. Robertson <paul () compuwar net>
On Thu, 2 Apr 2009, Potter, Albert (Al) wrote:
Chris hits the nail on the head.
Perhaps the most intelligent comment in recent decades... ;~) .d.
No- the fine is what does that, the DSS is just the artifact with which to do it. However as a "Standard" it's worse than ICSA Firewall testing criteria! ;-P
Now, Al's being nice to me, how can I respond to that? Keep walking, nothing to see here!
Is it perfect? No, but it is regularly revised (the DSS) and has a mechanism to get better.
Not only is it not perfect, it's frankly about as bad as a document can get and claim to be a "Security Standard." It *has* to have the mechanism to get better, it really would have to try to get any worse... Are two revisions really "regularly revised?"
We have to keep in mind that we aren't just talking about securing networks where they have a Paul Analog (PA) on staff. Even where they do have a PA on staff, most often he is banging his head against a brick wall of corporate resource management. A good PA (or a good PCI consultant, QSA, whathaveyou) seizes on the opportunity to leverage the attention of the Great Purse Holders and have them pour some cash on worthy efforts that make the network more secure than it was previously.
*cough* Isn't Verizon a QSA? *cough*
You should really get that looked at, it could turn into pneumonia...
-woof!
-chris