Security Basics mailing list archives
Re: Re: Firewalls and PCI
From: "Josh Haft" <pacmansyu () gmail com>
Date: Fri, 18 Jan 2008 15:31:23 -0600
On Jan 18, 2008 3:16 PM, Honer, Lance <lhoner () smartgrp com> wrote:
I can't speak for other QSA's but I would have no problem with just one physical device for all segments. Grant it the safest solution is would be a separate physical device for each where it's a different make and model so that a compromise of the internet facing device would not compromise every other firewall. But this can open up a whole mess of other problems that is beyond the scope of this discussion. Who is this "client" your referring to, I'm not asking for names just for the relationship here? Lance
We will be hosting some of their data and they want our environment to be 'as secure as possible', or at least up to their standards. The data may or may not fall under PCI requirements, but that's something we have to do anyway.
Current thread:
- RE: Firewalls and PCI, (continued)
- RE: Firewalls and PCI Timmothy Lester (Jan 16)
- Re: Firewalls and PCI David Glosser (Jan 16)
- RE: Firewalls and PCI Jason Alexander (Jan 16)
- Re: Re: Firewalls and PCI evilwon12 (Jan 16)
- Re: Re: Firewalls and PCI Josh Haft (Jan 16)
- Message not available
- Re: Firewalls and PCI Lyle Worthington (Jan 17)
- RE: Re: Firewalls and PCI Honer, Lance (Jan 18)
- Re: Re: Firewalls and PCI Josh Haft (Jan 18)
- RE: Re: Firewalls and PCI Scott Williamson (Jan 18)
- RE: Re: Firewalls and PCI Honer, Lance (Jan 18)
- Re: Re: Firewalls and PCI Josh Haft (Jan 18)
- Re: Re: Firewalls and PCI Josh Haft (Jan 16)
- RE: Firewalls and PCI Kevin Ortloff (Jan 18)
- RE: RE: Firewalls and PCI Abimbola, Abiola (Jan 17)