PCI 1:: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 5: | Line 5: | ||
---- | ---- | ||
<br> | <br> | ||
:'''PCI-1.1 Establish firewall configuration standards that include:'''<br> | :'''[[PCI-1.1:|PCI-1.1 Establish firewall configuration standards that include:]]'''<br> | ||
<br> | <br> | ||
::[[Image:Key-control.jpg]][[PCI-1.1.1:|PCI-1.1.1 A formal process for approving and testing all external network connections and changes to the firewall configuration.]]<br> | ::[[Image:Key-control.jpg]][[PCI-1.1.1:|PCI-1.1.1 A formal process for approving and testing all external network connections and changes to the firewall configuration.]]<br> | ||
Line 27: | Line 27: | ||
---- | ---- | ||
<br> | <br> | ||
:'''PCI-1.2 Build a firewall configuration that restricts connections between untrusted networks and any system components in the cardholder data environment.'''<br> | :'''[[PCI-1.2|PCI-1.2 Build a firewall configuration that restricts connections between untrusted networks and any system components in the cardholder data environment.]]'''<br> | ||
<br> | <br> | ||
::[[Image:Key-control.jpg]][[PCI-1.2.1:|PCI-1.2.1 Restrict inbound and outbound traffic to that which is necessary for the cardholder data environment.]]<br> | ::[[Image:Key-control.jpg]][[PCI-1.2.1:|PCI-1.2.1 Restrict inbound and outbound traffic to that which is necessary for the cardholder data environment.]]<br> | ||
Line 37: | Line 37: | ||
---- | ---- | ||
<br> | <br> | ||
:'''PCI-1.3 Prohibit direct public access between the Internet and any system component in the cardholder data environment.'''<br> | :'''[[PCI-1.3:|PCI-1.3 Prohibit direct public access between the Internet and any system component in the cardholder data environment.]]'''<br> | ||
<br> | <br> | ||
::[[Image:Key-control.jpg]][[PCI-1.3.1:|PCI-1.3.1 Implement a DMZ to limit inbound and outbound traffic to only protocols that are necessary for the cardholder data environment.]]<br> | ::[[Image:Key-control.jpg]][[PCI-1.3.1:|PCI-1.3.1 Implement a DMZ to limit inbound and outbound traffic to only protocols that are necessary for the cardholder data environment.]]<br> | ||
Line 57: | Line 57: | ||
---- | ---- | ||
<br> | <br> | ||
:'''PCI-1.4 Install personal firewall software on any mobile and/or employee-owned computers with direct connectivity to the Internet (for example, laptops used by employees), which are used to access the organization’s network.'''<br> | :'''[[PCI-1.4:|PCI-1.4 Install personal firewall software on any mobile and/or employee-owned computers with direct connectivity to the Internet (for example, laptops used by employees), which are used to access the organization’s network.]]'''<br> | ||
<br> | <br> | ||
::[[Image:Key-control.jpg]][[PCI-1.4.a:|PCI-1.4.a Verify that mobile and/or employee-owned computers with direct connectivity to the Internet (for example, laptops used by employees), and which are used to access the organization’s network, have personal firewall software installed and active.]]<br> | ::[[Image:Key-control.jpg]][[PCI-1.4.a:|PCI-1.4.a Verify that mobile and/or employee-owned computers with direct connectivity to the Internet (for example, laptops used by employees), and which are used to access the organization’s network, have personal firewall software installed and active.]]<br> |
Revision as of 11:15, 16 June 2010
Requirement 1: Install and maintain a firewall configuration to protect data.
- Firewalls are computer devices that control computer traffic allowed into a company’s network from outside, as well as traffic into more sensitive areas within a company’s internal network. All systems need to be protected from unauthorized access from the Internet, whether for e-commerce, employees’ Internet-based access via desktop browsers, or employees’ email access. Often, seemingly insignificant paths to and from the Internet can provide unprotected pathways into key systems. Firewalls are a key protection mechanism for any computer network.