Re: Using linux firewalls for PCI compliant infrastructure

[Skip Carter <skip () taygeta com>]

On Wed, 25 Nov 2009 00:37:07 +0200
Siim Põder <siim () p6drad-teel net> wrote:

> We are using linux-based servers as firewalls for PCI compliant
> infrastructure. During audits it has been OK so far but security
> people internally have suggested that maybe a commercial product would
> be better suited for PCI infrastructure (as it is pretty critical).
>
> I'm personally very happy with the iptables firewalls - we can use all
> the standard components for firewalls that we use for everything else
> (including standard administration methods, patching and so forth).
>
> What do you think, would a commercial firewall provide a tangible
> improvement in security?
> Is anyone else using linux-based firewalls for PCI (or otherwise
> sensitive) infrastructure?

You could have your cake and eat it too by purchasing a shrink-wrap
Linux firewall.  I have a client that had a regulatory requirement
to use an ICSA certified firewall and was able to satisfy that
requirement with one of those commercial Linux firewalls.


-- 
 Dr. Everett (Skip) Carter      Phone: 831-641-0645 FAX:  831-641-0647
 Taygeta Scientific Inc.        e-mail: skip () taygeta com
 1340 Munras Ave., Suite 314    WWW: http://www.taygeta.com
 Monterey, CA. 93940            









_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards