Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using linux firewalls for PCI compliant infrastructure

From: Kurt Buff <kurt.buff () gmail com>
Date: Thu, 26 Nov 2009 11:22:24 -0800
On Tue, Nov 24, 2009 at 14:37, Siim Põder <siim () p6drad-teel net> wrote:

Hi

We are using linux-based servers as firewalls for PCI compliant
infrastructure. During audits it has been OK so far but security
people internally have suggested that maybe a commercial product would
be better suited for PCI infrastructure (as it is pretty critical).

I'm personally very happy with the iptables firewalls - we can use all
the standard components for firewalls that we use for everything else
(including standard administration methods, patching and so forth).

What do you think, would a commercial firewall provide a tangible
improvement in security?
Is anyone else using linux-based firewalls for PCI (or otherwise
sensitive) infrastructure?

Thanks,
Siim


Following on from a couple of other posts, you could potentially use
fwbuilder (http://www.fwbuilder.org/) as a front end, and argue that
the results are equivalent to some number of commercial offerings, for
which fwbuilder makes equivalent configurations.

Kurt
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: