PCI Checklist


PCI-DSS Compliance Checklist

Meet Requirements with the WhatsUp Gold Continuous Compliance Solution

PCI-DSS Requirement 1.1.1: A formal process for approving and testing all external network connections and changes to the firewall and router configurations
WhatsUp Gold Solution: WhatsUp Gold Layer 2/3 discovery and mapping identifies all network connections to servers holding cardholder data, for both wired and wireless.

PCI-DSS Requirement 1.1.6: Review firewall and router rule sets at least every six months
WhatsUp Gold Solution: WhatsConfigured provides complete configuration management for your firewalls and routers, including:
- Automatic tracking of all configuration changes
- Real-time alerts on any configuration changes, misconfigurations and failures to comply with internal policies
- Reports comparing archived authorized configurations with the running configuration
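The "archived authorized configuration versus running configuration" report above is, at its core, a normalized diff followed by a policy check on what changed. The following is an added illustration written for this page, not WhatsConfigured's own code or output: the two IOS-style configurations, the volatile-line filter and the list of sensitive keywords are constructed assumptions.

```python
"""Compare an archived, authorized router configuration against the running
configuration and flag drift. Added illustration of the compare-archived-vs-running
report described on the page; both configs are constructed samples in IOS-like
syntax, not output of WhatsConfigured."""
import difflib
import re

# Constructed sample: the configuration that was approved and archived.
AUTHORIZED_CONFIG = """\
! Last configuration change at 10:14:02 UTC Fri Jun 1 2012
hostname cde-edge-rtr
snmp-server community Str0ngR0-2012 RO
ip access-list extended CDE-INBOUND
 permit tcp host 10.10.5.40 10.20.0.0 0.0.0.255 eq 443
 deny ip any any log
interface GigabitEthernet0/1
 ip access-group CDE-INBOUND in
"""

# Constructed sample: what the device is actually running today.
RUNNING_CONFIG = """\
! Last configuration change at 03:41:55 UTC Tue Jun 5 2012
hostname cde-edge-rtr
snmp-server community public RO
ip access-list extended CDE-INBOUND
 permit tcp host 10.10.5.40 10.20.0.0 0.0.0.255 eq 443
 permit tcp any 10.20.0.0 0.0.0.255 eq 3389
 deny ip any any log
interface GigabitEthernet0/1
 ip access-group CDE-INBOUND in
"""

# Lines that change on every save and must not count as drift (assumption).
VOLATILE = re.compile(r"^! Last configuration change")

# Keywords whose appearance or disappearance deserves a reviewer's attention (assumption).
SENSITIVE = ("snmp-server community", "permit", "deny", "access-group",
             "username", "enable secret")


def normalize(config):
    """Drop blank/volatile lines and trailing whitespace so that only
    meaningful differences show up in the comparison."""
    return [ln.rstrip() for ln in config.splitlines()
            if ln.strip() and not VOLATILE.match(ln)]


def config_drift(authorized, running):
    """Return the lines added to and removed from the archived baseline."""
    a, r = normalize(authorized), normalize(running)
    added, removed = [], []
    for tag, i1, i2, j1, j2 in difflib.SequenceMatcher(None, a, r).get_opcodes():
        if tag in ("delete", "replace"):
            removed.extend(a[i1:i2])
        if tag in ("insert", "replace"):
            added.extend(r[j1:j2])
    return {"added": added, "removed": removed}


def policy_findings(drift):
    """Turn raw drift into findings a reviewer can act on: any sensitive line
    that changed, plus the specific case of a default SNMP community string."""
    findings = []
    for line in drift["added"]:
        text = line.strip()
        if text.startswith(SENSITIVE):
            findings.append(f"added sensitive line: {text}")
        if text.startswith(("snmp-server community public", "snmp-server community private")):
            findings.append("default SNMP community string reintroduced")
    for line in drift["removed"]:
        text = line.strip()
        if text.startswith(SENSITIVE):
            findings.append(f"removed sensitive line: {text}")
    return findings


if __name__ == "__main__":
    drift = config_drift(AUTHORIZED_CONFIG, RUNNING_CONFIG)
    for f in policy_findings(drift):
        print("FINDING:", f)
```

On the constructed samples the report flags the replaced SNMP community string and the new inbound 3389 permit, which is exactly the kind of drift a six-monthly rule-set review (requirement 1.1.6) is meant to surface before the review date arrives.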

PCI-DSS Requirement 1.1.2: Current network diagram with all connections to cardholder data, including any wireless networks
WhatsUp Gold Solution: WhatsUp Gold automatically generates a complete Layer 2/3 topology map of your entire infrastructure to show all connections to cardholder data. Layer 2/3 maps include:
- Physical port-to-port and IP connectivity
- At-a-glance maps for your wireless network

PCI-DSS Requirement 1.1.5: Documentation and business justification for use of all services, protocols, and ports allowed, including documentation of security features implemented for those protocols considered to be insecure
WhatsUp Gold Solution: WhatsUp Gold automatically collects and documents comprehensive inventory information including:
- Bridge and switch port configurations
- A list of configured protocols on each network device

PCI-DSS Requirement 1.3.3: Do not allow any direct routes inbound or outbound for traffic between the Internet and the cardholder data environment
WhatsUp Gold Solution: WhatsUp Gold Layer 2/3 discovery and mapping validates that there is no direct connection between the Internet and any system in the cardholder data environment. Flow Monitor issues real-time alerts when a group of IP addresses in the cardholder data environment is in communication with the Internet.
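The Flow Monitor alert described for 1.3.3 reduces to one check over flow records: does either endpoint of a flow sit in the cardholder data environment while the other is outside the organization's address space? The following is an added example, not Flow Monitor's code or record format: the CDE prefix, the list of internal ranges and the NetFlow-like sample records are constructed assumptions.

```python
"""Alert on cardholder-data-environment (CDE) hosts exchanging traffic with
the Internet, in either direction. Added illustration; the CDE prefix, the
internal address ranges and the sample flow records are constructed
assumptions rather than WhatsUp Gold Flow Monitor data."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dst_port: int
    proto: str
    nbytes: int


# Assumption: the CDE occupies this prefix (constructed, not from the page).
CDE_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]

# Assumption: everything outside these ranges is treated as "the Internet".
# An explicit list is used rather than ipaddress.is_global because the
# organization, not the IANA registry, defines its internal address space.
INTERNAL_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample flows resembling NetFlow 5-tuples.
SAMPLE_FLOWS = [
    Flow("10.20.0.15", "10.20.0.2", 1433, "tcp", 48000),    # intra-CDE database query
    Flow("10.20.0.15", "10.10.5.40", 443, "tcp", 3200),     # CDE -> internal proxy, allowed
    Flow("10.20.0.22", "203.0.113.7", 443, "tcp", 915000),  # CDE -> Internet: alert
    Flow("198.51.100.9", "10.20.0.2", 3389, "tcp", 120),    # Internet -> CDE: alert
    Flow("10.10.5.40", "93.184.216.34", 80, "tcp", 5000),   # non-CDE host -> Internet, ignored
]


def is_cde(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in CDE_NETWORKS)


def is_internet(addr):
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETWORKS)


def find_cde_internet_flows(flows):
    """Return (direction, flow) pairs for every flow that joins a CDE host
    to an address outside the internal ranges, in either direction."""
    alerts = []
    for f in flows:
        if is_cde(f.src) and is_internet(f.dst):
            alerts.append(("outbound", f))
        elif is_internet(f.src) and is_cde(f.dst):
            alerts.append(("inbound", f))
    return alerts


def format_alert(direction, f):
    return f"ALERT {direction}: {f.src} -> {f.dst}:{f.dst_port}/{f.proto} ({f.nbytes} bytes)"


if __name__ == "__main__":
    for direction, f in find_cde_internet_flows(SAMPLE_FLOWS):
        print(format_alert(direction, f))
```

Checking both directions matters: the requirement forbids direct routes inbound as well as outbound, and the inbound case (an external address reaching a CDE host) is the one a purely egress-focused rule would miss.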
PCI-DSS Requirement 2.1: Always change vendor-supplied defaults before installing a system on the network (for example, include passwords, simple network management protocol (SNMP) community strings, and elimination of unnecessary accounts)
WhatsUp Gold Solution: WhatsConfigured automatically schedules and executes password changes across one or more devices on your network.

PCI-DSS Requirement 2.2: Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards.
WhatsUp Gold Solution: WhatsConfigured automates updating configuration changes across multiple devices when security vulnerabilities warrant it, through on-demand or scheduled management tasks.


PCI-DSS Requirement 5.1.1: Ensure that all antivirus programs are capable of detecting, removing, and protecting against all known types of malicious software
WhatsUp Gold Solution: WhatsUp Gold Layer 2/3 discovery and inventory generates a detailed report of all installed software and patch levels on network and server devices.

PCI-DSS Requirement 5.2: Ensure that all antivirus mechanisms are current, actively running, and capable of generating audit logs
WhatsUp Gold Solution: WhatsUp Gold validates that anti-virus software is running, and generates a report comparing system uptime vs. anti-virus uptime to identify any periods of exposure.

PCI-DSS Requirement 6.1: Ensure that all system components and software have the latest vendor-supplied security patches installed. Install critical security patches within one month of release.
WhatsUp Gold Solution: WhatsUp Gold automatically discovers all network devices, servers and applications across your network.

PCI-DSS Requirement 8.5.1: Control addition, deletion, and modification of user IDs, credentials, and other identifier objects
WhatsUp Gold Solution: The Log Management Suite continuously monitors Active Directory Windows events in real-time and alerts when changes occur.

PCI-DSS Requirement 10.2: Implement automated audit trails for all system components to reconstruct the following events:
- 10.2.1 All individual user accesses to cardholder data
- 10.2.2 All actions taken by any individual with root or administrative privileges
- 10.2.3 Access to all audit trails
- 10.2.4 Invalid logical access attempts
- 10.2.5 Use of identification and authentication mechanisms
- 10.2.6 Initialization of the audit logs
- 10.2.7 Creation and deletion of system-level objects
WhatsUp Gold Solution: The Log Management Suite automatically collects, archives and securely stores complete audit trails of all log data across your systems, including key events such as logon failures and object access attempts. WhatsUp Gold generates comprehensive inventory reports of all IT assets deployed, including vendor, model number, OS, patch level, modules, etc.

PCI-DSS Requirement 10.3: Record at least the following audit trail entries for all system components for each event:
- 10.3.1 User identification
- 10.3.2 Type of event
- 10.3.3 Date and time
- 10.3.4 Success or failure indication
- 10.3.5 Origination of event
- 10.3.6 Identity or name of affected data, system component, or resource
WhatsUp Gold Solution: The Log Management Suite displays all log entries with type of event, date and timestamp, and more.


PCI-DSS Requirement 10.5.2: Protect audit trail files from unauthorized modifications.
WhatsUp Gold Solution: The Log Management Suite employs cryptographic hashing to protect the integrity of your archived log data by preventing tampering and modification.

PCI-DSS Requirement 10.5.3: Promptly back up audit trail files to a centralized log server or media that is difficult to alter.

PCI-DSS Requirement 10.5.5: Use file-integrity monitoring and change detection software on logs to ensure that existing log data cannot be changed without generating alerts.
WhatsUp Gold Solution: The Log Management Suite provides real-time monitoring, reporting and alerting on Object Deletions, Object Access Attempts, etc.

PCI-DSS Requirement 11.5: Deploy file-integrity monitoring software to alert personnel to unauthorized modification of critical system files, configuration files, or content files, and configure the software to perform critical file comparisons at least weekly.
WhatsUp Gold Solution: The Log Management Suite automatically alerts on file, folder and object access or permission changes. WhatsConfigured automatically generates alerts on configuration file changes.
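Requirements 10.5.2 and 10.5.5 both come down to the same property: an archived log must make any edit, deletion or insertion detectable. "Cryptographic hashing" as named above is usually realized as a hash chain, where each record's digest commits to the previous one. The example below is added for this page and is not the Log Management Suite's format or code: it uses a keyed chain (HMAC-SHA256) with the key held by the collector, plus a small out-of-band anchor so that silent truncation of the tail is caught as well; the key, the record layout and the Windows-style sample lines are constructed assumptions.

```python
"""Tamper-evident log archive built as a keyed hash chain (HMAC-SHA256).
Added illustration of the cryptographic-hashing approach named on the page;
the key handling, record format and sample log lines are constructed
assumptions, not the Log Management Suite's own archive format."""
import hashlib
import hmac
import json

# Assumption: the key is stored with the log collector, never on the host
# whose logs are being archived, so a host compromise cannot recompute the chain.
ARCHIVE_KEY = b"constructed-demo-key-do-not-reuse"
GENESIS = "0" * 64

# Constructed sample lines modelled on Windows security events
# (4624/4625 logon success/failure, 4663 object access).
SAMPLE_LINES = [
    "2012-06-01T08:00:01Z host=pos-07 event=4624 user=cashier3 result=success",
    "2012-06-01T08:02:14Z host=pos-07 event=4625 user=admin result=failure",
    "2012-06-01T08:02:20Z host=pos-07 event=4625 user=admin result=failure",
    "2012-06-01T08:05:40Z host=db-01 event=4663 object=C:\\cards\\batch.dat access=read",
]


def _link(prev_hash, line, key=ARCHIVE_KEY):
    """Digest over (previous hash, this line): the chain link."""
    msg = prev_hash.encode() + b"\n" + line.encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def build_archive(lines, key=ARCHIVE_KEY):
    """Return records {seq, line, hash}; each hash commits to the prior hash,
    so editing, dropping or inserting a line breaks every link after it."""
    records, prev = [], GENESIS
    for seq, line in enumerate(lines):
        h = _link(prev, line, key)
        records.append({"seq": seq, "line": line, "hash": h})
        prev = h
    return records


def make_anchor(records):
    """Summary to store out-of-band (record count and head hash). Without it,
    cutting records off the end of the archive would still verify cleanly."""
    return {"count": len(records), "head": records[-1]["hash"] if records else GENESIS}


def verify_archive(records, key=ARCHIVE_KEY, anchor=None):
    """Return (ok, first_bad_seq); first_bad_seq is None when the chain is intact."""
    prev = GENESIS
    for expected_seq, rec in enumerate(records):
        if rec["seq"] != expected_seq or not hmac.compare_digest(
                rec["hash"], _link(prev, rec["line"], key)):
            return False, expected_seq
        prev = rec["hash"]
    if anchor is not None and (anchor["count"] != len(records) or anchor["head"] != prev):
        return False, len(records)  # tail truncated or replaced
    return True, None


def demo_tampering():
    """Exercise the verifier against an intact archive and three tampering cases."""
    archive = build_archive(SAMPLE_LINES)
    anchor = make_anchor(archive)
    results = {"intact": verify_archive(archive, anchor=anchor)}
    edited = json.loads(json.dumps(archive))  # deep copy before modifying
    edited[1]["line"] = edited[1]["line"].replace("failure", "success")
    results["edited"] = verify_archive(edited, anchor=anchor)
    results["dropped"] = verify_archive(archive[:2] + archive[3:], anchor=anchor)
    results["truncated_no_anchor"] = verify_archive(archive[:-1])
    results["truncated_with_anchor"] = verify_archive(archive[:-1], anchor=anchor)
    return results


if __name__ == "__main__":
    for case, outcome in demo_tampering().items():
        print(f"{case:22s} ok={outcome[0]} first_bad_seq={outcome[1]}")
```

The truncation cases are the point of the anchor: a bare hash chain reports an archive whose last records were removed as intact, so the count and head hash have to be kept somewhere the log-writing host cannot reach, which is also why 10.5.3's "centralized log server or media that is difficult to alter" belongs next to 10.5.2.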
PCI-DSS Requirement 10.6: Review logs for all system components at least daily. Log reviews must include those servers that perform security functions like intrusion detection system (IDS) and authentication, authorization, and accounting protocol (AAA) servers (for example, RADIUS).
WhatsUp Gold Solution: The Log Management Suite provides views and allows mining log data across all servers and workstations from one console without needing to spot-check log files for security events, since LMS pairs common security event identifiers with friendly descriptions.

PCI-DSS Requirement 10.7: Retain audit trail history for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from back-up).
WhatsUp Gold Solution: The Log Management Suite provides multi-year log storage/archiving, keeping your log data for as long as the IT compliance regulation dictates.

For more information on WhatsUp Gold, please visit:
http://www.whatsupgold.com/products/whatsup-gold-core/

Try it free today for 30 days:
http://www.whatsupgold.com/products/download/

www.whatsupgold.com
Copyright 2012, Ipswitch, Inc. All rights reserved. WhatsUp is a registered trademark and Ipswitch is
a trademark of Ipswitch, Inc. Other products or company names are or may be trademarks or registered
trademarks and are the property of their respective holders.
