Security Basics mailing list archives
RE: PCI-DSS and IPS
From: Steve Majot <steve () tcpstream com>
Date: Fri, 20 Feb 2009 09:50:31 -0700
Requirement 11.4 of PCI DSS 1.2: Use intrusion-detection systems, and/or intrusion-prevention systems to monitor all traffic in the cardholder data environment and alert personnel to suspected compromises. Keep all intrusion-detection and prevention engines up-to-date. The goal here is to monitor traffic for anything that might present a threat to PCI scoped data. I doubt an auditor will fault you for using a UTM appliance as opposed to standalone firewall and IPS devices. Keep in mind UTM signature sets are frequently leaner than those used by dedicated IDS/IPS appliances. If you do go with a UTM at the edge, you might consider utilizing open source IDS/IPS solutions at key locations on the inside as well. https://www.pcisecuritystandards.org/security_standards/pci_dss_download.html Steve -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of raimarm () gmail com Sent: Friday, February 20, 2009 4:20 AM To: security-basics () securityfocus com Subject: PCI-DSS and IPS Hi All, I am a technical orientated guy and not sure about my following question. Is a IPS system in regards to PCI-DSS obligatory ? If yes, would it be possible to take a FW with IPS functionality rather to buy a dedicated IPS (like deep-inspection, smart-defense and the like). Many Thanks rm
Current thread:
- PCI-DSS and IPS raimarm () gmail com (Feb 20)
- RE: PCI-DSS and IPS Hill, Pete (Feb 20)
- <Possible follow-ups>
- RE: PCI-DSS and IPS Steve Majot (Feb 20)