Firewall Wizards mailing list archives
Re: Using linux firewalls for PCI compliant infrastructure
From: Anton Chuvakin <anton () chuvakin org>
Date: Thu, 26 Nov 2009 18:08:21 -0800
We are using linux-based servers as firewalls for PCI compliant infrastructure. During audits it has been OK so far but security people internally have suggested that maybe a commercial product would be better suited for PCI infrastructure (as it is pretty critical).
First things first: in PCI DSS, a firewall is a firewall is a firewall. There is no preference to free or commercial ones. The only criteria is "stateful" (somewhere in 1.1, if I recall correctly)
What do you think, would a commercial firewall provide a tangible improvement in security?
Too close to being a religious debate.
Is anyone else using linux-based firewalls for PCI (or otherwise sensitive) infrastructure?
Yes, I've seen people use iptables in 1.1 and in 1.4 (as personal firewall) -- Dr. Anton Chuvakin Site: http://www.chuvakin.org Blog: http://www.securitywarrior.org LinkedIn: http://www.linkedin.com/in/chuvakin Twitter: @anton_chuvakin Google Voice: 510-771-7106 _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Using linux firewalls for PCI compliant infrastructure Siim Põder (Nov 24)
- Re: Using linux firewalls for PCI compliant infrastructure Paul D. Robertson (Nov 24)
- Re: Using linux firewalls for PCI compliant infrastructure Tracy Reed (Nov 24)
- Re: Using linux firewalls for PCI compliant infrastructure Siim Põder (Nov 25)
- Re: Using linux firewalls for PCI compliant infrastructure Victor Williams (Nov 25)
- Re: Using linux firewalls for PCI compliant infrastructure Marcin Antkiewicz (Nov 25)
- Re: Using linux firewalls for PCI compliant infrastructure Siim Põder (Nov 25)
- Re: Using linux firewalls for PCI compliant infrastructure Skip Carter (Nov 25)
- Re: Using linux firewalls for PCI compliant infrastructure Kurt Buff (Nov 27)
- Re: Using linux firewalls for PCI compliant infrastructure Anton Chuvakin (Nov 27)