Re: PCI

[Paul Kendall <PKendall () ACCUDATASYSTEMS COM>]

Not True. It may mean you have to change your scheduling for performing scanning if you have large network segments, 
but it can definitely be done.

Paul L. Kendall
===================================
Paul L. Kendall, CGEIT, CISM, CISSP, CSSLP
Certified HIPAA Professional
Certified HIPAA Security Specialist
PCI Qualified Security Assessor
Senior Consultant - Assessments & Compliance

Main 281.897.5000  |  Direct 817.496.6450  |  Cell 713.446.5259  |  
http://www.accudatasystems.com<http://www.accudatasystems.com/>
Tower Three Galleria  |  13155 Noel Road, Suite 920  |  Dallas, TX 75240

[cid:image001.gif@01CC34AE.DF7DA8D0]<http://www.facebook.com/accudatasystems>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of 
Jacobson, Dick
Sent: Monday, June 27, 2011 9:41 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] PCI

I attended a IPv6 seminar last week and am wondering if I heard something correctly. This did not register with me 
until after the seminar and  since the seminar I have been looking for an email address for Johannes Ullirich (the 
instructor), but have not found one, and asked a few people around here about this.  I have not been able to get a 
half-way-confident answer so I am bringing the question here.

I think I heard that on an IPv6 network, you can not be PCI compliant because (I think) the size of the address space 
makes it impossible to scan in a timely manner, as required.

Does this question make sense ?  Any comments/thoughts for me ?