VISA/Mastercard PCI Vendor Scanning requirements

["Derek Nash" <ddnash () gmail com>]

For those of you who are providing PCI certified scanning how are you
complying with the requirement that "The vendor should ensure that it
has an unfiltered communication path to the customer's environment."
in order to avoid "Internet Service Provider Blocked Ports" that could
"result in misleading report conclusions."

Mastercard eludes to scanning over a VPN tunnel, but that seems
excessive and a potential logistical nightmare depending on volume of
business and technical know-how at the client's end.

I am just wonder what other providers are doing to comply. Thanks in
advance for your posts.


--
Best Regards,

ddnash

------------------------------------------------------------------------------
This List Sponsored by: Lancope

"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed
enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA)
and Response solution, leverages Cisco NetFlow to provide scalable,
internal network security.
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response
Systems in the Enterprise."

http://www.lancope.com/resource/
------------------------------------------------------------------------------