SonicWALL PCI Implementation Guide For SonicOS Enhanced


SonicWALL PCI 1.1 Compliance Implementation Guide

A PCI Implementation Guide for SonicWALL SonicOS Enhanced

In conjunction with ControlCase, LLC (PCI Council Approved Auditor)


SonicOS PCI Data Security Standard 1.1 Compliance Review:
The following are the PCI Data Security Standard 1.1 controls that are applicable to SonicWALL SonicOS
Enhanced:

PCI DSS Requirement 1.1.1


Establish firewall configuration standards that include: A formal process for approving and testing all
external network connections and changes to the firewall configuration.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 1.1.3


Establish firewall configuration standards that include: Requirements for a firewall at each Internet
connection and between any demilitarized zone (DMZ) and the internal network zone.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
WAN to the LAN. The following screen will appear:
4. To edit an existing rule, click on the Configure icon next to that rule or click the Add button to add a
new rule. The following window will appear:
5. Configure rule settings. For example, to block all traffic from the Internet, check Deny and select
Any from the Service drop down menu. Select Source, Destination and Schedule from the drop
down menus as shown below and click the OK button.
6. The new rule will appear in the Access Rules list as seen below.
PCI DSS Requirement 1.1.4
Establish firewall configuration standards that include: Description of groups, roles, and responsibilities for
logical management of network components.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the User menu, and select the Local Users item.

3. Click the Add User button. The following window will appear:
4. Assign a username and password for the new user.
5. Select the User menu, and select the Local Groups item.

6. To add a new group, click the Add Group button. To configure an existing group, click its
Configure icon to the right of that group. The following window will appear:
7. Click the Members tab.

8. Select the members or groups that will belong to this group and click the right arrow button (->).
9. Click the VPN Access tab.
10. Select the networks that users within this group will be able to access through their VPN client
software and click the right arrow button (->).
11. Click the CFS Policy tab.

12. Select a CFS policy to apply to the group in the Policy drop-down menu.
13. Click the OK button to save settings.
PCI DSS Requirement 1.1.6
Establish firewall configuration standards that include: Justification and documentation for any available
protocols besides hypertext transfer protocol (HTTP), and secure sockets layer (SSL), secure shell (SSH),
and virtual private network (VPN).

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
WAN to the LAN. The following screen will appear:
4. To edit an existing rule, click on the Configure icon next to that rule or click the Add button to add a
new rule. The following window will appear:
5. Select a service to be allowed or denied from the Service drop-down menu. For example, to allow
the BearShare service, select it from the drop down menu. Complete the remaining fields for this
rule such as Source, Destination, and Users Allowed using the drop down menus and click the OK
button. Note that any available protocols besides hypertext transfer protocol (HTTP), and secure
sockets layer (SSL), secure shell (SSH), and virtual private network (VPN) must be justified and
documented.
6. The new rule will appear in the Access Rules list as seen below.
PCI DSS Requirement 1.2
Build a firewall configuration that denies all traffic from “untrusted” networks and hosts, except for protocols
necessary for the cardholder data environment.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
WAN to the LAN. The following screen will appear:
4. To edit an existing rule, click on the Configure icon next to that rule or click the Add button to add a
new rule. The following window will appear:

5. Establish rules which deny all traffic from “untrusted” networks and hosts. For example, to block all
traffic from the Internet, check Deny and select Any from the Service drop down menu. Select
Source, Destination and Schedule from the drop down menus as shown below and click the OK
button.

6. The new rule will appear in the Access Rules list as seen below.
Comments
SonicWALL's default policy on its security devices is to have a "denial-all" policy to everything internal to the
network.
PCI DSS Requirement 1.3.1
Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Restricting inbound Internet traffic to Internet protocol (IP)
addresses within the DMZ (ingress filters).

Implementation Procedure
N/A

Comments
The SonicOS Enhanced default configuration restricts inbound Internet traffic to IP addresses within the
DMZ.

PCI DSS Requirement 1.3.2


Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Not allowing internal addresses to pass from the Internet into the
DMZ.

Implementation Procedure
N/A

Comments
The SonicOS Enhanced default configuration does not allow internal addresses to pass from the Internet
into the DMZ.

PCI DSS Requirement 1.3.3


Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Implementing stateful inspection, also known as dynamic packet
filtering (that is, only “established” connections are allowed into the network).

Implementation Procedure
N/A

Comments
This is default behavior of the SonicWALL Stateful Packet Inspection (SPI) engine.

PCI DSS Requirement 1.3.4


Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Placing the database in an internal network zone, segregated
from the DMZ.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice. Installing the SonicWALL GMS
Database on the trusted side of the network apart from the DMZ is mandatory as part of a comprehensive
managed PCI solution. Refer to the configuration outlines of SonicWALL GMS on how to establish single-
server or distributed server deployments alongside a GMS Database.
PCI DSS Requirement 1.3.5
Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Restricting inbound and outbound traffic to that which is
necessary for the cardholder data environment.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
LAN to the WAN. The following screen will appear:

4. To edit an existing rule, click on the Configure icon next to that rule or click the Add button to add a
new rule. The following window will appear. In this example, all traffic between the LAN and WAN
is denied by default.
5. Establish rules which restrict inbound and outbound traffic to that which is necessary for the
cardholder data environment. First, you must disable the default “ANY” rule as shown below by
unselecting the Enable checkbox.

For example, to allow outbound HTTPS traffic, check Allow and select HTTPS from the Services
drop down menu. Select the Source, Destination, Users Allowed, and Schedule from the drop
down menus as shown below and click the OK button.
6. The new rule will appear in the Access Rules list as seen below.
PCI DSS Requirement 1.3.6
Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Securing and synchronizing router configuration files. For
example, running configuration files (for normal functioning of the routers), and start-up configuration files
(when machines are re-booted) should have the same secure configuration.

Implementation Procedure
N/A

Comments
SonicWALL units only keep a single previous configuration file on the native device. Authenticated access
is required for viewing, manipulation or exportation.

PCI DSS Requirement 1.3.7


Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Denying all other inbound and outbound traffic not specifically
allowed.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
WAN to the LAN. The following screen will appear showing the “default deny” rule setting for
network traffic between the WAN and the LAN. You must add specific rules for any network traffic
to traverse from the WAN to the LAN network segment.
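
The access-rule checks in Requirements 1.1.6, 1.2, 1.3.5 and 1.3.7 can also be run as a review over a rule list. The following is an added example, not part of the original guide or of any SonicWALL tool; the `Rule` record, the service names and the sample rules are constructed for illustration and are not a SonicOS export format.

```python
from collections import defaultdict
from dataclasses import dataclass

# Services the 1.1.6 text exempts from separate justification. The names are
# assumptions for this example; "HTTPS" stands in for SSL.
BASELINE_SERVICES = {"HTTP", "HTTPS", "SSH", "VPN"}


@dataclass
class Rule:
    from_zone: str
    to_zone: str
    priority: int            # lower number is evaluated first
    action: str              # "allow" or "deny"
    service: str
    source: str = "Any"
    destination: str = "Any"
    enabled: bool = True
    justification: str = ""  # documented business reason, if any


def is_deny_all(rule):
    """True for a catch-all deny rule (Any service, Any source, Any destination)."""
    return (rule.action == "deny" and rule.service == "Any"
            and rule.source == "Any" and rule.destination == "Any")


def audit(rules):
    """Return (zone_pair, priority, finding) tuples for one rule list."""
    by_pair = defaultdict(list)
    for rule in rules:
        by_pair[(rule.from_zone, rule.to_zone)].append(rule)

    findings = []
    for pair in sorted(by_pair):
        label = f"{pair[0]}->{pair[1]}"
        # Disabled rules are not evaluated by the firewall, so skip them.
        active = sorted((r for r in by_pair[pair] if r.enabled),
                        key=lambda r: r.priority)
        for rule in active:
            if rule.action != "allow":
                continue
            if rule.service == "Any":
                # 1.2 / 1.3.5: an enabled allow rule for every service.
                findings.append((label, rule.priority, "allow-any-service"))
            elif (rule.service not in BASELINE_SERVICES
                  and not rule.justification.strip()):
                # 1.1.6: extra protocol with no recorded justification.
                findings.append((label, rule.priority, "unjustified-service"))
        # 1.3.7: the last enabled rule of each zone pair must deny everything.
        if not active or not is_deny_all(active[-1]):
            last = active[-1].priority if active else None
            findings.append((label, last, "no-final-deny-all"))
    return findings


# Constructed sample rule list (not taken from a real device).
SAMPLE_RULES = [
    Rule("WAN", "DMZ", 1, "allow", "HTTPS", destination="web-server"),
    Rule("WAN", "DMZ", 2, "deny", "Any"),
    Rule("LAN", "WAN", 1, "allow", "HTTPS"),
    Rule("LAN", "WAN", 2, "allow", "BearShare"),   # no justification recorded
    Rule("LAN", "WAN", 3, "allow", "Any"),         # default ANY rule left enabled
    Rule("DMZ", "LAN", 1, "allow", "SSH",
         source="web-server", destination="mgmt-host"),
    Rule("DMZ", "LAN", 2, "deny", "Any"),
]

if __name__ == "__main__":
    for zone_pair, priority, finding in audit(SAMPLE_RULES):
        print(f"{zone_pair:10} rule {priority}: {finding}")
```
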
PCI DSS Requirement 1.3.8
Build a firewall configuration that restricts connections between publicly accessible servers and any system
component storing cardholder data, including any connections from wireless networks. This firewall
configuration should include the following: Installing perimeter firewalls between any wireless networks and
the cardholder data environment, and configuring these firewalls to deny any traffic from the wireless
environment or controlling any traffic (if such traffic is necessary for business purposes).

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item. For this example we have created a
DMZ Zone network, under the OPT network name, where our e-commerce web servers would
typically be located.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
DMZ to the LAN. The following screen will appear:

4. To edit an existing rule, click on the Configure icon next to that rule or click the Add button to add a
new rule. The following window will appear:
5. The default rule denies any traffic from the DMZ network to the LAN network. Rules that will control
network traffic between the DMZ and LAN can be added (if such network traffic is necessary for
business purposes such as remote management). For example, to allow only SSH traffic into the
cardholder data environment (LAN) from the DMZ network, check Allow and specify allowable
services from the Services drop down menu. Also select the Source, Destination, Users Allowed,
and Schedule from the drop down menus as shown below and click the OK button.
6. The new rule will appear in the Access Rules list as seen below showing that only SSH traffic from
the web server in the DMZ to a specified IP address is permitted. All other traffic is blocked by the
firewall.

Comments
SonicWALL Administrator Guide should include this as a Best Practice. SonicWALL’s TZ 170W, TZ 180W
and TZ 190W appliances all support the Deep Packet Inspection engine as part of their feature sets. This
allows for the same perimeter and internal-based security technology to be invoked so as to protect both
LAN and WiFi users.
PCI DSS Requirement 1.4
Prohibit direct public access between external networks and any system component that stores cardholder
data (for example, databases, logs, trace files).

Implementation Procedure
N/A

Comments
SonicWALL firewalls, properly configured, can prohibit direct public access between external networks and
any system component that stores cardholder data (for example, databases, logs, trace files).

PCI DSS Requirement 1.4.1


Implement a DMZ to filter and screen all traffic and to prohibit direct routes for inbound and outbound
Internet traffic.

Implementation Procedure
N/A

Comments
The SonicOS Enhanced default configuration has a "denial-all" rule from the WAN interface to everything
internal to the network.

PCI DSS Requirement 1.4.2


Restrict outbound traffic from payment card applications to IP addresses within the DMZ.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Firewall menu, and select the Access Rules item.

3. Click the Configure icon that corresponds to the zone to be configured, or check All Rules to see a
list of existing rules for all zones. In this example, we are viewing access rules for traffic from the
LAN to the DMZ. The following screen will appear:
4. To edit the existing rule, click on the Configure icon next to that rule or click the Add button to add
a new rule. The following window will appear:

5. Establish rules which restrict outbound traffic from payment card applications to IP addresses
within the DMZ. For example, to deny all outbound traffic to addresses within the DMZ, check
Deny and click the OK button. Use the Add button to setup specific rules between hosts on the
LAN and hosts in the DMZ.
6. The new “default deny” rule will appear in the Access Rules list as seen below.
PCI DSS Requirement 1.5
Implement IP masquerading to prevent internal addresses from being translated and revealed on the
Internet. Use technologies that implement RFC 1918 address space, such as port address translation (PAT)
or network address translation (NAT).

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Network menu, and select the NAT Policies item. By default, SonicOS provides the
following NAT policies.

3. To edit an existing policy, click its Configure icon. To add a new policy, click Add NAT Policy.
The following window will appear:
4. Configure the NAT policy and check Enable NAT Policy.
5. Click the OK button.
PCI DSS Requirement 2.1
Always change vendor-supplied defaults before installing a system on the network (for example, include
passwords, simple network management protocol (SNMP) community strings, and elimination of
unnecessary accounts).

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the System menu, and select the Administration item.

3. In the Administrator Name & Password section, assign a password that conforms to PCI DSS
password standards.

4. Scroll to the bottom of the screen and click Enable SNMP.


5. Click the Configure button. The following window will appear:

6. Enter SNMP settings and click the OK button. Note that the Community Name should not be a
default such as Public or Private.
7. Once back at the System > Administration screen, click the Apply button.
8. Select the Users menu, and select the Guest Accounts item.

9. Ensure that the Enable box was not inadvertently checked by another administrator and click the
Apply button.
PCI DSS Requirement 2.1.1
For wireless environments, change wireless vendor defaults, including but not limited to, wired equivalent
privacy (WEP) keys, default service set identifier (SSID), passwords, and SNMP community strings. Disable
SSID broadcasts. Enable WiFi protected access (WPA and WPA2) technology for encryption and
authentication when WPA-capable.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 2.2


Develop configuration standards for all system components. Assure that these standards address all known
security vulnerabilities and are consistent with industry-accepted system hardening standards as defined, for
example, by SysAdmin Audit Network Security Network (SANS), National Institute of Standards Technology
(NIST), and Center for Internet Security (CIS).

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 2.2.3


Configure system security parameters to prevent misuse.

Implementation Procedure
SonicWALL firewalls must be configured to meet PCI Data Security Standards.

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 2.3
Encrypt all non-console administrative access. Use technologies such as SSH, VPN, or SSL/TLS (transport
layer security) for web-based management and other non-console administrative access.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Network menu, and select the Interfaces item.

3. Select the Configure item for each network interface to see the screen below.

4. Select only HTTPS and SSH as shown below and click the OK button.
PCI DSS Requirement 4.1
Use strong cryptography and security protocols such as secure sockets layer (SSL)/transport layer security
(TLS) and internet protocol security (IPSEC) to safeguard sensitive cardholder data during transmission over
open, public networks. Examples of open, public networks that are in scope of the PCI DSS are the
Internet, WiFi (IEEE 802.11x), global system for mobile communications (GSM) and general packet radio
services (GPRS).

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 4.1.1


For wireless networks transmitting cardholder data, encrypt the transmissions by using WiFi protected
access (WPA or WPA2) technology, IPSEC VPN, or SSL/TLS. Never rely exclusively on wired equivalent
privacy to protect confidentiality and access to a wireless LAN. If WEP is used, do the following:
• Use with a minimum 104 bit encryption key and 24 bit initialization value
• Use only in conjunction with WiFi protected access (WPA or WPA2), VPN, or SSL/TLS
• Rotate shared WEP keys quarterly (or automatically if the technology permits)
• Rotate shared WEP keys whenever there are changes in personnel with access to the keys
• Restrict access based on media access code (MAC) address

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 5.1
Deploy anti-virus software on all systems commonly affected by viruses (particularly personal
computers and servers).

Implementation Procedure

1. Select the Security Services menu, and select the Gateway Anti-Virus item.

2. Check Enable Gateway Anti-Virus.


3. Check Enable Inbound Inspection for HTTP, FTP, IMAP, SMTP and POP3.
4. Click the Settings button to configure each Protocol Settings. The following window will appear:
5. Configure HTTP Settings and click the OK button.
6. Once back at the Security Services>Gateway Anti-Virus screen, click the Configure Gateway AV
Settings button. The following window will appear:

7. Configure Gateway AV Settings and click the OK button.


8. Once back at the Security Services>Gateway Anti-Virus screen, click the Apply button.

Comments
Additional controls for AV protection can be implemented through the use of the Client AV Enforcement
features as well. Please refer to the SonicWALL Administrator Guide for information on using this feature as
it is beyond the scope of the guide.
PCI DSS Requirement 5.1.1
Ensure that anti-virus programs are capable of detecting, removing, and protecting against other
forms of malicious software, including spyware and adware.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice. Working in conjunction with your
SonicWALL network security appliance, the Enforced Client guarantees that all endpoints have the latest
versions of anti-virus and anti-spyware software installed and active. Along with SonicWALL's gateway and
server protection, SonicWALL endpoint security keeps your network free from dangerous viruses and
spyware.

SonicWALL, in partnership with McAfee, the leader in business anti-virus solutions, brings you two anti-virus
services to protect every endpoint in your company against the most sophisticated virus threats, dangerous
spyware, and productivity-draining adware.

SonicWALL Enforced Client Anti-Virus and Anti-Spyware


This service automatically enforces anti-virus and anti-spyware policies on every client, reducing
administrative overhead. It provides the combination of client-based scanning and mitigation capabilities with
Web-based management and reporting capabilities.

SonicWALL Client/Server Anti-Virus Suite


This service offering combines the SonicWALL Enforced Client service with server-based anti-virus
protection, with the addition of McAfee's VirusScan Enterprise for Windows and GroupShield for Exchange
anti-virus protection for Windows-based File, Print, and Exchange servers.

PCI DSS Requirement 5.2


Ensure that all anti-virus mechanisms are current, actively running, and capable of generating audit logs.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 6.1


Ensure that all system components and software have the latest vendor-supplied security patches installed.
Install relevant security patches within one month of release.

Implementation Procedure
Periodically check MySonicWALL.com for security advisories and new firmware availability.
Comments
SonicWALL Administrator Guide should include this as a Best Practice. As a multi-service platform,
SonicWALL’s line of firewall/VPN appliances incorporates the broadest level of protection available through
Unified Threat Management (UTM). UTM combines multiple security features into a single platform,
protecting against attacks, viruses, Trojans, spyware and other malicious threats. Incorporating deep packet
inspection and gateway protection allows SonicWALL’s UTM appliances to deliver superior performance at
a reasonable price. Unified Threat Management brings you the best of both worlds—reducing complexity
and simplifying management, while delivering multiple layers of protection under a single management
console.

PCI DSS Requirement 6.2


Establish a process to identify newly discovered security vulnerabilities (for example, subscribe to alert
services freely available on the Internet). Update standards to address new vulnerability issues.

Implementation Procedure
Provided via SonicAlert. SonicWALL security services automatically push updates down to security
devices.

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 8.1
Identify all users with a unique user name before allowing them to access system components or cardholder
data.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the User menu, and select the Local Users item.

3. Click the Add User button. The following window will appear:
4. Assign a username and password for the new user.
5. Click the Groups tab. The following window will appear:

6. Select a user group of which this user will be a member and click the right arrow button (->).
Repeat this step for each group to add.
7. Click the VPN Access tab. The following window will appear:
8. Select a network that this user will be able to access through the VPN client software and click
the right arrow button (->). Repeat this step for each network to add.
9. Click the OK button.
PCI DSS Requirement 8.2
In addition to assigning a unique ID, employ at least one of the following methods to authenticate all users:

• Password
• Token devices (e.g., SecureID, certificates, or public key)
• Biometrics.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the User menu, and select the Local Users item.

3. Click the Add User button or, for existing users click the Configure icon. The following window will
appear:
4. Assign a username and password for the user and click the OK button.
5. Select the System menu, and select the Certificates item.

6. To import a certificate, click the Import tab. The following window will appear:
7. Complete the Import Certificate form and click the Import button.
8. To obtain a new certificate, click the New Signing Request button. The following window will
appear:
9. Complete the required fields on the Certificate Signing Request and click the Generate button.
10. Click Export. You are prompted to save the file. It will be saved in the PKCS 10 format.
11. Obtain a certificate from one of the approved certificate authorities using the PKCS 10 file. After
you receive the certificate file, locate and import the file by clicking Browse in the Import
Certificate With Private Key section. Then click Import. The certificate will appear in the Current
Local Certificates section.
PCI DSS Requirement 8.4
Encrypt all passwords during transmission and storage on all system components.

Implementation Procedure
N/A

Comments
All passwords will need to be encrypted by SSL/TLS (for management access). The configuration is stored
and encoded on the device and requires administrative authentication for view and export.

PCI DSS Requirement 8.5.3


Set first-time passwords to a unique value per user and change immediately after first use.

Implementation Procedure
N/A

Comments
SonicWALL products do not require a user to specify a unique password after the first login. Beginning with
GMS 4.1 and SonicOS 4.0 Enhanced, this feature will be supported.

PCI DSS Requirement 8.5.4


Immediately revoke accesses of terminated users.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 8.5.5


Remove inactive user accounts at least every 90 days.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 8.5.8
Do not use group, shared, or generic accounts and passwords.

Implementation Procedure
N/A

Comments
Although this is a best practice, SonicWALL products do not support this feature. If products are used with
GMS 4.1 management only, other SonicWALL products under management would not need to have this
support.

PCI DSS Requirement 8.5.9


Change user passwords at least every 90 days.

Implementation Procedure
N/A

Comments
Although this is a best practice, SonicWALL products do not support this feature. If products are used with
GMS 4.1 management only, other SonicWALL products under management would not need to have this
support.

PCI DSS Requirement 8.5.10


Require a minimum password length of at least seven characters.

Implementation Procedure
N/A

Comments
Although this is a best practice, SonicWALL products do not support this feature. If products are used with
GMS 4.1 management only, other SonicWALL products under management would not need to have this
support.

PCI DSS Requirement 8.5.11


Use passwords containing both numeric and alphabetic characters.

Implementation Procedure
N/A
Comments
Although this is a best practice, SonicWALL products do not support this feature. If products are used with
GMS 4.1 management only, other SonicWALL products under management would not need to have this
support.

PCI DSS Requirement 8.5.12


Do not allow an individual to submit a new password that is the same as any of the last four passwords he or
she has used.

Implementation Procedure
N/A

Comments
Although this is a best practice, SonicWALL products do not support this feature. If products are used with
GMS 4.1 management only, other SonicWALL products under management would not need to have this
support.
PCI DSS Requirement 8.5.13
Limit repeated access attempts by locking out the user ID after not more than six attempts.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the System menu, and select the Administration item.

3. Check Enable Administrator/User Lockout.


4. Enter a value of ‘6’ or less for Failed login attempts per minute before lockout.
5. Enter a value of ‘30’ or more for Lockout Period (minutes).
6. Click the Apply button.
PCI DSS Requirement 8.5.14
Set the lockout duration to thirty minutes or until administrator enables the user ID.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the System menu, and select the Administration item.

3. Check Enable Administrator/User Lockout.


4. Enter a value of ‘6’ or less for Failed login attempts per minute before lockout.
5. Enter a value of ‘30’ or more for Lockout Period (minutes).
6. Click the Apply button.
PCI DSS Requirement 8.5.15
If a session has been idle for more than 15 minutes, require the user to re-enter the password to re-activate
the terminal.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the System menu, and select the Administration item.

3. Enter a value of ‘15’ or less for Log out Administrator after inactivity of (minutes).
4. Click the Apply button.
5. Select the Users menu, and select the Settings item.
6. Enter a value of ‘15’ or less for Inactivity timeout (minutes).
7. Click the Apply button.

Comments
This control applies only to Administrator accounts.
PCI DSS Requirement 10.1
Establish a process for linking all access to system components (especially access done with administrative
privileges such as root) to each individual user.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the User menu, and select the Local Users item.

3. Click the Add User button. The following window will appear:
4. Assign a username and password for the new user.
5. Click the Groups tab. The following window will appear:

6. Select a user group of which this user will be a member and click the right arrow button (->).
Repeat this step for each group to add.
7. Click the VPN Access tab. The following window will appear:
8. Select a network that this user will be able to access through the VPN client software and click
the right arrow button (->). Repeat this step for each network to add.
9. Click the OK button.
PCI DSS Requirement 10.2.1
Implement automated audit trails for all system components to reconstruct the following events: All
individual user accesses to cardholder data.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check System Maintenance and User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.2
Implement automated audit trails for all system components to reconstruct the following events: All actions
taken by any individual with root or administrative privileges.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check System Maintenance and User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.3
Implement automated audit trails for all system components to reconstruct the following events: Access to all
audit trails.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.4
Implement automated audit trails for all system components to reconstruct the following events: Invalid
logical access attempts.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.5
Implement automated audit trails for all system components to reconstruct the following events: Use of
identification and authentication mechanisms.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check User Activity and Attacks.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.6
Implement automated audit trails for all system components to reconstruct the following events: Initialization
of the audit logs.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check System Maintenance and User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.2.7
Implement automated audit trails for all system components to reconstruct the following events: Creation
and deletion of system-level objects.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check User Activity.


4. Scroll up to the top of the screen and click the Apply button.
PCI DSS Requirement 10.3.1
Record at least the following audit trail entries for each event for all system components: User identification.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
PCI DSS Requirement 10.3.2
Record at least the following audit trail entries for each event for all system components: Type of event.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
PCI DSS Requirement 10.3.3
Record at least the following audit trail entries for each event for all system components: Date and time.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
PCI DSS Requirement 10.3.4
Record at least the following audit trail entries for each event for all system components: Success or failure
indication.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
PCI DSS Requirement 10.3.5
Record at least the following audit trail entries for each event for all system components: Origination of
event.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
PCI DSS Requirement 10.3.6
Record at least the following audit trail entries for each event for all system components: Identity or name of
affected data, system component, or resource.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Set the Syslog Format to Default using the drop-down menu.


4. Click the Apply button.
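
Once the firewall is logging to a syslog server, the records can be checked for the six items in Requirements 10.3.1 to 10.3.6. The following is an added example, not part of the original guide or SonicWALL's own tooling: it assumes Default-format records are key=value pairs with the keys usr, m, time, msg, src and dst, and the mapping of those keys to 10.3.x items is also an assumption. The sample records are constructed.

```python
import re
from datetime import datetime

# Assumed mapping of PCI DSS 10.3.x items to record keys (not from the guide).
REQUIRED = {
    "10.3.1 user identification": "usr",
    "10.3.2 type of event": "m",
    "10.3.3 date and time": "time",
    "10.3.4 success or failure": "msg",
    "10.3.5 origination of event": "src",
    "10.3.6 affected resource": "dst",
}
PAIR = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S*)')

def parse(line):
    """Split one key=value record into a dict, removing surrounding quotes."""
    rec = {}
    for key, val in PAIR.findall(line):
        if len(val) >= 2 and val[0] == '"' and val[-1] == '"':
            val = val[1:-1]
        rec[key] = val
    return rec

def gaps(line):
    """Return the 10.3.x items that this record does not carry."""
    rec = parse(line)
    missing = [item for item, key in REQUIRED.items() if not rec.get(key)]
    if rec.get("time"):
        try:  # assumed timestamp layout: YYYY-MM-DD HH:MM:SS
            datetime.strptime(rec["time"], "%Y-%m-%d %H:%M:%S")
        except ValueError:
            missing.append("10.3.3 date and time")
    return sorted(set(missing))

# Constructed records; serial, ids, users and addresses are made up.
SAMPLE = [
    'id=firewall sn=0000000000AA time="2008-01-15 09:12:44" fw=192.0.2.1 pri=6 c=16 m=29 msg="Administrator login allowed" n=1 usr=admin src=198.51.100.5:0:X0 dst=192.0.2.1:443:X0',
    'id=firewall sn=0000000000AA time="2008-01-15 09:13:02" fw=192.0.2.1 pri=6 c=16 m=30 msg="Administrator login denied" n=2 src=198.51.100.9:0:X0 dst=192.0.2.1:443:X0',
    'id=firewall sn=0000000000AA time="15/01/2008 09:13" fw=192.0.2.1 pri=6 c=16 m=30 msg="User login denied" n=3 usr=jdoe src=198.51.100.9:0:X0',
]

def audit(lines):
    """Map line number -> missing items, for records with at least one gap."""
    return {n: g for n, line in enumerate(lines, 1) if (g := gaps(line))}
```

Records flagged by `audit` are the ones to review when demonstrating that each logged event carries all six items.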
PCI DSS Requirement 10.4
Synchronize all critical system clocks and times.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the System menu, and select the Time item.

3. Check Set Time Automatically using NTP.


4. Click the Add button in the NTP Server section at the bottom of the page. The following window
will appear:

5. Enter the NTP Server IP (Internet Protocol) address and click OK.
6. Click the Apply button.
PCI DSS Requirement 10.5.1
Secure audit trails so they cannot be altered, including the following: Limit viewing of audit trails to those
with a job-related need.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.

PCI DSS Requirement 10.5.2


Secure audit trails so they cannot be altered, including the following: Protect audit trail files from
unauthorized modifications.

Implementation Procedure
N/A

Comments
This is not a specific feature of SonicOS, but a compensating control is limiting access to the audit trails by
limiting access to the firewall to only specific users and from specific network locations.
PCI DSS Requirement 10.5.3
Secure audit trails so they cannot be altered, including the following: Promptly back-up audit trail files to a
centralized log server or media that is difficult to alter.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Click the Add button in the Server Name section at the bottom of the page. The following window
will appear:

4. Enter the Name or IP Address and Port for the Syslog server.
5. Click the Apply button.
PCI DSS Requirement 10.5.4
Copy logs for wireless networks onto a log server on the internal LAN.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Click the Add button in the Server Name section at the bottom of the page. The following window
will appear:

4. Enter the Name or IP Address and Port for the Syslog server.
5. Click the Apply button.
PCI DSS Requirement 10.5.5
Use file integrity monitoring and change detection software on logs to ensure that existing log data cannot
be changed without generating alerts (although new data being added should not cause an alert).

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
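
Requirement 10.5.5 asks for change detection that alerts when existing log data is altered but stays quiet when new data is appended. The following is an added example, not part of the original guide or a SonicWALL feature: it is meant to run on the syslog server, and the file name and sample records are constructed.

```python
import hashlib
import os
import tempfile

CHUNK = 65536

def snapshot(path):
    """Baseline for a log file: its length and SHA-256 at this moment."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"size": len(data), "sha256": hashlib.sha256(data).hexdigest()}

def check(path, baseline):
    """Return (status, next_baseline): unchanged, appended (no alert) or ALERT."""
    prefix = hashlib.sha256()
    with open(path, "rb") as fh:
        remaining = baseline["size"]
        while remaining > 0:
            chunk = fh.read(min(CHUNK, remaining))
            if not chunk:  # truncated: fewer bytes than were baselined
                return "ALERT", baseline
            prefix.update(chunk)
            remaining -= len(chunk)
        if prefix.hexdigest() != baseline["sha256"]:
            return "ALERT", baseline  # bytes covered by the baseline changed
        full, extra = prefix.copy(), 0
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            full.update(chunk)  # extend the hash over the appended data
            extra += len(chunk)
    if extra == 0:
        return "unchanged", baseline
    return "appended", {"size": baseline["size"] + extra, "sha256": full.hexdigest()}

def demo():
    """Append, re-check, then modify a constructed log; returns the statuses."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "firewall.log")  # constructed sample file
        with open(path, "wb") as fh:
            fh.write(b"constructed record 1\nconstructed record 2\n")
        base = snapshot(path)
        with open(path, "ab") as fh:
            fh.write(b"constructed record 3\n")
        first, base = check(path, base)
        second, base = check(path, base)
        with open(path, "r+b") as fh:
            fh.write(b"X")  # overwrite the first byte of existing data
        third, base = check(path, base)
    return [first, second, third]
```

Keep the stored baseline somewhere the accounts that can write the logs cannot modify. Log rotation shows up as ALERT (the file becomes shorter), so take a fresh baseline as part of the rotation job.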

PCI DSS Requirement 10.6


Review logs for all system components at least daily. Log reviews must include those servers that perform
security functions like intrusion detection system (IDS) and authentication, authorization, and accounting
protocol (AAA) servers (for example, RADIUS).

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 10.7
Retain audit trail history for at least one year, with a minimum of three months online availability.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Syslog item.

3. Click the Add button in the Server Name section at the bottom of the page. The following window
will appear:

4. Enter the Name or IP Address and Port for the Syslog server.
5. Click the Apply button.

Comments
SonicWALL firewalls support transferring all log files to a configured syslog server. Ensure that the syslog
server has enough hard disk space to store GMS server logs for at least three months online.
PCI DSS Requirement 11.4
Use network intrusion detection systems, host-based intrusion detection systems, and intrusion prevention
systems to monitor all network traffic and alert personnel to suspected compromises. Keep all intrusion
detection and prevention engines up-to-date.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Security Services menu, and select the Intrusion Prevention item.

3. Check Enable IPS.


4. Check Prevent All for High Priority Attacks, Medium Priority Attacks & Low Priority Attacks.
5. Click the Apply button.
6. To exclude specific IP addresses, click the Configure IPS Settings button. The following window
will appear:
7. Uncheck Enable IPS Exclusion List. Exclude specific IP addresses at the IPS signature level
instead of globally.

Comments
Enforce a policy of updating signatures on a regular basis.
PCI DSS Requirement 11.5
Deploy file integrity monitoring software to alert personnel to unauthorized modification of critical system or
content files; and configure the software to perform critical file comparisons at least weekly.

Implementation Procedure
N/A

Comments
SonicWALL Administrator Guide should include this as a Best Practice.
PCI DSS Requirement 12.5.2
Monitor and analyze security alerts and information, and distribute to appropriate personnel.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Automation item.

3. Enter the email address that will be receiving alerts in the Send Alerts to E-mail Address field.
Also enter the IP address and email address of the mail server in the Mail Server Settings section.
4. Click the Apply button.
PCI DSS Requirement 12.5.5
Monitor and control all access to data.

Implementation Procedure
1. Login to the SonicWALL firewall.
2. Select the Log menu, and select the Categories item.

3. Scroll down and check System Maintenance and User Activity.

4. Scroll up to the top of the screen and click the Apply button.
