bmurillo
DESCRIPTION
PixAlert PCI DSS White Paper June2010
PCI DSS Positioning
PCI DSS Positioning
White paper
PCI DSS Positioning
!"#$! %"&!"' "()
** *+,-+' !$ "!$*%.
/" 01*"
2 $ "#&!%(3
!""! #4! 56
!"#$%&'%$!()
/+'$!
*'!!&((
! $17"!$
#$/&8!9 "'" "
!"'"
% **" %"! (
/1:22% *"&)
!+!&%$!(,
-!$(,
!&!&(.
8;!*#"
8;!*#8'!$"!$$* "
1! "'"
#"'8!
#">'*
#">'*
)#82%
#8 !"
1?"8! 9"'")
)
4>*$ &"22'2 %*2" "
&""''2* !$& '!*.5
:22$2&' &"-!+>
+@ & & $ % ' *! .' ! 22' *A "
! '2* * !" B7 !* ' ! % ' %
!"$ . "' * "C > +@ " " 66
3%";!$'C ' *7"!
!"
*"!$'*%"" " !
* '! ' *%""&"*&* " "
;!'!'%''*D;!
"!$ 1 &
. 2 &$ "!$ ;!
2!&$*'*&* '!&
>02 " '*.'';!*! "
" ;!'2" &"$
' !$ "!$ *%. ;! ' & '
!*$&"!'2 " " *
;! * " " ! '2' % & ";! D " D
*
D * *D " "** * ;! "!$
! !" %D "$D &".1! & ** %. 2
*A$;!& $!$! 2!2*
" "
>$.$'"**#$;!$!&!.%%$!2 L
!"#$
>2! "" %1"*"%' !$
*%.D"$2&"G"**"%! &2,)
";!""*$'%-+%K
M ND&"'ND!&;!&"
M ND" *%* %.! .
M * "!""*" N" "**
/1:22%
K%%%&% $"*" ('O,O)
=
M "" %! " !''"
M >*&$""" $*
%'! &&" %$"*"%
%!!*"2F2*"%"
;!*
*"""*"D*-+***"
**2%C>$* "!*%
*D%2 7*&
%" '"&' !$"!$*%.*. "
&% *D% "&% %"
'C9%.1& *% %!"D
.D D *!!" % 2 1 &' *
&% % $" '" " % $ &' 'C *
&%'C
$"$'"$""$&$'C*D
&" &$*" " ! ""!!*&'
!$"!$*%. .' *! D!
&' & $"$ & % *2 * "
'"$ 2 !&" %. !" & !&A" ' "!$
!""! $*" !$ "!$
3
%
7'C"" **!!"!"1*D%&* %&2"
B%2%. % * "" % " ""
* 'C !& * "!$ !
"!$
*! " " !'! "$" 'C > .$
&*"$%' " " "*"%"
'C "" 1"" 2*
4B5 "& &$!"%K
4G!*'"0!$%'K
*
-
2" 5)
2* "& %K
4"*!$*%." 2!"
$* '* "$
"!
" "'D'D
* ;! %. '*D %" $* D "D
* " * D *$ !" " "
2* !"*5
.$ $!'C *!%" $!$*
$ % B D $! * ! $! 'C9 "$* B% *$
&!!22 "'D*
''B(
22 "D$D D%B"$ %(B"
$!$*
*
%. "*= %" !
*D "B% "! 2D* 2D .D
$+/& **$.$$"$! *"BD
)
K2"*"* $P (&O'$,O=
*'C $2"$
&! * $ * ! % "" % %
!>"2 %*$&% "" &!!
> ' " $*!*"!$! $
"D%22&$ %$*% ">
"" 22' % " 6 %.' $ %" *$ *
*"**-+>$"!$2' "
" 2 !& * * " &%
" "%""!$:" &*%3
3
K%%%!2"$&'"*"!1!1"161%.'1$1!1
111""11"1 1" *
6
&'(&!&)'(&
&*
! "%. $!'C*!%B"
%."*"!'"$*2!*-"'D2D
!"*!. %. .
! &*B "2$! 1!2* %"*
"B%! !'$*"'*"! "!
&.0D$ D0!*&D
!*"&&!.""B"**D"0Q
$
%% "* !'"'C*!
B !B" %."
>"* 2.$!"*" %"%'C.""2"
% "2' *'"*"
.$ "* $ '' "!$ '$ " 2* %$
"'
"'(&'!
"**!$*'"''C!"F'D+D
6D>$"D>:D 4" &*
!!"%$
"! $!'C9 % "!$! "" '
"5
>&$&& "2 *B'&%*'
'"2%B&' D*
" B2'S"2
B $! " 2* % $ ** ""D
" ! .";! &$
8 !"'".$"** * &$!"
2**&!$;! &!
! ! .$ &' "'$ " !" &$ %'
' "2 "" :" " " & "
*2
'(&'&
>"! !"" "2!" " " *
"%.>"!2"%'"&$;!*
!**$&&%K
" " !"
= " "$*2!% *'
"**"!$'"'
3 " " !" "'&!!!
"&"!$*
!;!*! "&'" !"
""&"*"
$#"
7'C% "*$%2"*$%+ -+
2"$ "'*! 9"& &$
&$ "2 *!B
! %$!'C "2 *!+@""!$0!*&+@
0D+""!$0!*&+0D!*&
>%'C!! !"*"%
+2"$%!"7783D+@""66
" +B'- !"":
!$B-:D%";!'C*
!"" "*"" '"""!$'!
%':3;!'C"$ *!$"
'" %" $"$ "! 2 *D B $ $ $
&*
$'(&+&
R! "!$R%" !"1"!$*F2*"
% & * !' 2 > ! " R!$ !" R
"&!"6!*%" !" !'*
2"!$ "%2* !'*
2!$"B"!$%"*$2&2. ! 2!!
+'! 9B "2$ *
' "&%R!
*!$"*2 !'$"".B 1"
" 2* *&$$8!'! "
%%.%R!"% &*D
! "!$ 2D !""%"%1%!
& 'C&'
/& 8! ? 7' "!$ !" !" 2
"2 D1 >B.% %
8!! " "!$ ! "$
* *" !*! &'D * "
4"" &!%" " &'"" 56
>*'" &$**&!"!"*
K4"!$
!""$'CD"$ '
"*"D! *.$*' '!"$ *D.%
". >"! " *'"" D "! '0
" " 2"" >*'KT$! T 5
""** 6! $" !" &$"!>'
! $D%"% & "!$ !"T**!$
7'+ -!"2$*&6 :"&6D% $
!*& "' *" *$ & & 2' !" "
"*$'%$* !$"!$
'(&&
! %$!'C" *!%" "
$! 2* /$ .%' % $! " ' $! " '
'$% 2"" 1"2$!$!$"
*$!% $$!2&!;!*
'$!'C&1'C1"" 2***C
!""%"!$' % 2"2 &$/&
8! *
! %$!'"$!" 2* "L
6
K%""*
)
&("$'!,%%
%" "*&)&$D7 D"2D* H/%"*'
! !**"D$*2"2 ";!'&. C
2 ! & "!$ "" % ' &"*.' "!* > $
" %" * &$"!$ !"
4>*!" "!$ "! ;!*"!$
*'*D"D" !D%.""!D% ' ""
"2*!>"*2 'C"2$
""!*""! 5
$$"'D *
' '" " !"
$"$
*" C * " *!1 'CD
$*2"2 ,'%$%";!'&.
" &$"!$ !"1D$*
" "!$ D
$*
" %" "**"C D
*$ $* 2" 2 D $* '%$D
" !'
2" &! *" 1! $*
" >
0 >" "!$ $"$
% "!$ 1:1
2"
* D ! 2 *" > * ! 2 2
*"%2=*" " "!$D 2%*"%
&%* =*" " "!$D 2 *"%
&%D *" " "!$ $ 2)*"%
D " " " !$ > " "! "2 $
"%!' 2"D1"**"*
F2*"*!& !$&$R! "!$ *!*
;!$ " "' . " 2* F2 %
*"F2 %*" "**R! ;!$
"D 2 *" "* * R! ;!$ "D
2 ) *" "* * R! ;!$ " "
2&* &$
2 "' *R!
K%%%""!$ '"!$P "P *
K%%%""!$ ';P2 *
K%%%""!$ ';P2 *
$"$ ";!' &. $* 2" 2 %
*""*"& B%2DD*2 ;!*2$
&$"!$ &$& G!*"". "$%$!& >%'
'! "2 *"*& K
K%%%""!$ ';P2 *
%"!
*"&" $!*"$*2 ! 2%"* $%
22R! 2$$D% '2'2"2'
* "$%*.$2$'
*" &$*"%K
"G! F2
B*$!&!
81!" *"
G*'&* $!&!&$& &$&.
"2""!*,"!* "
2!&"$$!'C
0*,*
/ ,8!*'
F'2#>?2*8'!K
o $2F%02 ,7
o >%&"* F%+%$,-+%%
&
0 D*
" D
$B%2&
"""!$%*+ % -+%;!
=
*!""" * " *
2"" &" *"!$2%
:"'! "*%)K
* '
*
"
8;!
8;)
B *$ ""!
0!*&0
U U U
0* U U U
2" U U 0
2" U U 0
- U U 0
2
!"
G! 7'"
0 0 0
0 0 0
00/". 0 0 0
! "
:'C . & & * ! % $ . " %"
*$. %$.*"!"" '"
> 2 " "2' = .$ ' !"! ;!*
'! &$ '%K
!"
#$
8;!*K1 *%"'!"
8;!* K ! 2 1!
! $* % "!$
*
)
8;!* "!$*" !D2
3
%
8;!*K"
8;!* )K -"$ * " 2 * " !&"
%.
"
&'("
8;!*K+ '!$! 12!%
8;!*=K2 7"!$*
"
)*"
8;!*3K8"""&$/!0 .%
8;!*
"! !"" "2!" " " *
"%.>"!2" ;!*!
"& * "!*%"!
!""K
-./'
,@" *'**!*
2 "$F*$!
'*! *%"
;! &!D'D '!$!D
"!* "$
"! "&!
"2**$&
" '&!
;!*
,2!"
!&;!!C2"$ K
,,!"$".*
*'"&"." D"
%> 2$" !".D
".D".D".D *'"
"! " "2'
*$"!
!*&Q0*Q- V"
" .D2 *
,," 12 " W>1
'!1 '2! &".
$*" 'D !
2$" 11"
"! " "2
**$"!*&
%" " !*&
" " .D2
*
,, "!*&
0"$ 0&".
"! " "
**$"0!*&
%" " !*&
" " .D2
*
,7.0% $ !
'**!*!*& '& $
"! " "
*" !*&
*$2&2 *%
$*%"! "$
*. !*&" "
.D2 *
"! *.$
6
!*&%
,8 0D**!*D! &$%
"! ' & '* D&".!
* D'D "2 * &$
%%.&$!'$%'
"K
'1%$!"
>!"
. *!&"!$
'"$'$%" .$
*'*" " !
>707+7""!*
& ! &0
"! " "
*" !*&
! &"$
2!&$%
2%.""
" " .D2
*
,""$.$'& "!
*!
"! " "@
GI" %'
2.$
,,8""".$%!*&
"! "$
"! " "
"GI @!"
"
,,.$"!$%&
" *
"! " *
@ GI !" *$
" %.$%
"
-.0!%
-,, !" " "
!*&! '
2*
"! " *
*!"" %>
$*"'" !*&
%.%&!" !*& !$
-,2%&%
"
& "!" ''! !"
/&&'0
182%"!*
""
$" '2!&
22"**" '
2!&% 2*
"! " *2
*!"! *$
"D"! %'K
.-,,-,,/0
-.1-
1,-&*"*$*%
*!!"""&
!9 .%D 4 $5
!""$%
"! " *
*!"
" &$ 11.%
-.22-
,8! %.
2!&$";!$
$'""'%.'D%
$*"*D"'
%.'$D%!* "D
!"!' 0
2!&$"*!&* &$"
2 ;! &$$*" !$
"! *"
%.!""*$&!!
"" %"*"
&(!$'(&&
'
%% "* !'"'C*!
B !B" %."
>"* 2.$
2'
-
! 2" 4! &5 ! "' BD * "**$
. !*&D B !" !*& 2 ! '
& $! " * ' $! "' *
* !""!!V
3
! %$! 4'"*5%.D%""
B%."*: &$!"".%$B %
.%&2 &1"%.&$$%" "*$%
: D "". B " $ %.
%" &2 & ! " > % ! $ 2
$ "!* %B !"
! ' > % ! D "** %'
'! K
"2&>%2& !A! "X
'! '**! '**"2 > !" "&
' **
+ * " "'!
' > &' ! !
A! "
$!&!9 $* &'! D!*
'
!
/
:" ' "* D ""2$ % ' "* "".
G%'D"'"* " !2* &$!
"!D%" "$ ! &D%!*&*
%"*$*"*"
-" " " 2 D% " ' " !D ! * %
!2% ""$'
'" ! 9 "' " 2&
-
4-%'
'!"'! '
!$$! 2%
!'2%'D!2"! *"!*
""!
""'2&*%"$"! %"
!'!!D"! "! *& !"
5-'
:2%'!*&'"*" $'%
!*& " B ' "* !*& '
"*%B%!
! "*! & " 2$''
2 "'K
o B'$ /"
G"0 " " *! '
*' "*
o "$/"
G " !"$ 0 ! * '
"*
o .""
G " !"$ "' * $
! ' "*
%!" ! "G"
*$&! *>%" %$
>2 *%' %"$*>
%%"!9*". %"$"*B
'""
! "2 $"""" >!%
%B" '"*2&""
)
&($6-'(&&7
Sign Off Checklist
Agree Categorisation Guidelines
Agree Scan Settings
Agree Targets
Install Product on Scanning Nodes
Install Licence Key
Product Demonstration (optional)
Create Scan Projects
Test Connectivity
Scan
Content Rating
Results Review
Sample Results Print
Recommendations
Resolve Access Issues
Content Escalation
Client + PixAlert Service Partner
PixAlert Service Partner
Review
Scanning
Installation
Pre-Installation
Key