RE: PCI/DSS and Cisco IOS upgrade from Travis Niedens on 2009-09-08 (Ccielab archives 09/2009)

From: Travis Niedens <niedentj_at_hotmail.com>
Date: Tue, 8 Sep 2009 16:02:26 +0000

You have to think more along the lines of: - how is access permitted? - how
are changes logged? - how do you deploy the security features of the device? -
what are your security policies and how can you prove they are enforced? Two
tools I have used to assist with this: Pari networks - config analysis Cisco
MARS - proactive / reactive monitoring and reporting The intent is to make
sure merchants secure their environment, are proactive and carry out due
diligence. There are additional areas that are included such as server,
storage and backup infrastuctures. Lastly, keep in mind that PCI is NOT law -
it is a standard set of guidelines from visa, mastercard et al. Which is
enforced by them in addition to BANKS. That's where they nail you if you get
hacked and didnt do "due dilligence". Make sure you have the latest DSS, know
what your level is and what your bank expects from you (evidence, audit
reports, etc.). Hth, Travis

-----Original Message-----
From: subodh.rawat_at_wipro.com
Sent: 9/8/2009 9:38:14 AM
To: ccielab_at_groupstudy.com
Subject: PCI/DSS and Cisco IOS upgrade
Hi Guys,

I would appreciate if someone can answer this.

Is it mandatory to upgrade IOS of Cisco routers and switches to meet PCI/DSS
compliance?

If someone has done this, any challenges you faced during IOS upgrade?

Regards,
Subodh

Please do not print this email unless it is absolutely necessary.

The
information contained in this electronic message and any attachments to this
message are intended for the exclusive use of the addressee(s) and may
contain
proprietary, confidential or privileged information. If you are not the
intended recipient, you should not disseminate, distribute or copy this
e-mail. Please notify the sender immediately and destroy all copies of this
message and any attachments.

WARNING: Computer viruses can be transmitted
via email. The recipient should check this email and any attachments for the
presence of viruses. The company accepts no liability for any damage caused
by
any virus transmitted by this email.

www.wipro.com<http://www.wipro.com>

Blogs and organic groups at http://www.ccie.net
Received on Tue Sep 08 2009 - 16:02:26 ART

This archive was generated by hypermail 2.2.0 : Sun Oct 04 2009 - 07:42:02 ART