Upload
layer7tech
View
220
Download
0
Embed Size (px)
Citation preview
8/2/2019 SecureSpan & CloudSpan Version 6
1/2
Se
The SecureSpan & CloudSpan 6families of appliances offer:
PCI-DSS ComplianceOrganizations that want to create aPCI-compliant electronic paymentprocess can deploy Layer 7 v6appliances to mediate interactionsbetween payer, payee and/orbackend clearing houses withoutcompromising their regulatorycompliance.
Enhanced SecurityOut-of-the-box support for a masterpassphrase, encrypted messagetraffic & audit logs, as well asprotection from X-site requestforgery allows you to better secureyour shared resources from externaland internal threats, therebydecreasing business risk.
Improved VisibilityFilter and view encrypted audits/audit events; track command line-based logins and audit commandline-driven events.
To learn more about Layer 7s latestrelease, call 1-800-681-9377 (tollfree within North America) or +1.604.681.9377. You can also emailus at [email protected]; friend us onfacebook.com/layer7; visit us atlayer7.com, or follow-us on twitter
@layer7.
Coto R
Medipaym
Redu
With tneed f organitraditidesignever-genter
The lacontroinbouthreatviruseencry
With ccan redata brequir
Impl
In 200Internpurpoa set oto priv
LayerallowicomprSecur
ureSpan & CloudSpan
pliance & Security Enhancements Eneduce Risk and Increase Visibility for
ate between shared APIs, cloud-based servicesent systems in a secure and compliant manner
ce Risk Associated with Shared Resources
he proliferation of attacks against high profile enterpriseor implementing a modern security and compliance infrzation has never been higher. While numerous point solonal firewalls to crypto devices to identity and access sysed to deal with the elimination of boundaries between srowing trend toward the use of shared resources, be thrise application APIs, or electronic payment processing s
est versions of Layer 7s appliances provide organizationls when sharing enterprise resources with third parties.d/outbound traffic between shared resources; protect
s such as cross-site request forgery; leverage the Sophosin attachments; and create a keystore-protected maste
t/decrypt audit logs for viewing by users with the appro
omplete visibility into all interactions across shared systduce risks associated with external threats such as hackreaches; track command-line driven tasks; and provide pements.
ment a PCI-DSS Compliant Solution
6 American Express, Discover Financial Services, JCB, Maational formed the Payment Card Industry (PCI) Securityse of the council is to produce and maintain the Data Secf rules and requirements designed to help prevent fraudate cardholder data.
v6 appliances can now be configured to be a key part og organizations to create an end-to-end electronic pay
omising regulatory compliance. By implementing the reImplementation Guide (SIG), organizations can gain PCI
Access controlsPassword managementEncryption key managementInbound/outbound encrypted message trafficRBAC roles and assignments that secure access to carAuditing, including a secure audit trail for system, adlevel traffic
Version 6
ble Organizationshared Resources
and PCI-DSS electronic
and government targets, thestructure within yourtions already exist from
tems theyre rarelyystems that is the result of any cloud-based services,ystems.
s with improved securityustomers can secure all
gainst modern exploits andantivirus engine to scan forr passphrase (KMP) topriate RBAC roles.
ms and services, enterprisesrs; internal threats such asroof of compliance with audit
sterCard Worldwide, and VisaStandards Council. The mainurity Standard (DSS), which is, hacking, and other threats
f any PCI-DSS process,ent process withoutommendations in Layer 7s-compliant:
holder datainistrative, and message-
8/2/2019 SecureSpan & CloudSpan Version 6
2/2
Copyright 2011 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark aretrademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.
New FeaturesPCI-DSS ComplianceSecure ImplementationGuide (SIG)
Layer 7s PCI-DSS installation and configuration guide allows customers to configureand deploy Layer 7 Gateways as part of a PCI-compliant process
Auditing and Logging Encrypt/ decrypt audit details View encrypted audits based on RBAC security roles Search audit event logs based on Audit Code, Message Parameter Value, User Name,
User ID/User DN, Entity Type, or Entity ID
Passwords Enforce administrator password expiration and reset Enforce an expiry date for accounts
SecurityThreat Protection Pre-defined Protect Against Cross-Site Request Forgery assertion protects against
browser-based exploits in which a third party attempts to misuse the trust that a sitehas established with an authenticated user's browser
Master Passphrase Support for the use of a keystore-protected master passphrase (KMP) using theThales nCipher HSM
Encryption Out-of-the-box SSL encryption for all inbound/outbound traffic Configure outbound TLS cipher suites on a per-target-host (as well as a global) basis
Command Line CapabilitesAuditing Command line audit trail for events originating at the OS level and during execution
of management functions
Login Support for command line login via external LDAPs, as well as RADIUS support Record and track all command line logins
Third-party SupportAnti-virus Scan message attachments for viruses using Sophos Antivirus softwareTivoli Access Manager Connect to multiple TAM policy director instances
Enable Layer 7s out-of-the-box TAM assertion to perform authorization only Enable local only mode by downloading a copy of the TAM policy database to the
Layer 7 Gateway
Form FactorsHardware Active-active clusterable, dual power supply, mirrored hot-swappable drives, multi-
core 1U server
Software Solaris 10 for x86 and Niagara, SUSE Linux, Red Hat Linux 4.0/5.0Virtual Appliance VMware/ESX (VMware Ready certified)Cloud Amazon EC2 AMI
Supported StandardsXML, JSON, SOAP, REST, PCI-DSS, AJAX, XPath, XSLT, WSDL, XML Schema, LDAP, SAML, XACML, OAuth, PKCS, X.509Certificates, FIPS 140-2, Kerberos, XML Signature, XML Encryption, SSL/TLS, SNMP, SMTP, POP3, IMAP4, HTTP/HTTPS,JMS, MQ Series, Tibco EMS, FTP/FTPS, WS-Security, WS-Trust, WS-Federation, WS-SecureExchange, WS-Addressing,WS-SecureConversation, WS-MetadataExchange, WS-Policy, WS-SecurityPolicy, WS-PolicyAttachment, WSIL, WS-I,
WS-I BSP, UDDI, WSRR, MTOM, IPv6, WCF
To learn more about Layer 7 call us today at +1 800.681.9377 (toll free within North America) or+1.604.681.9377. You can also email us at [email protected]; friend us on facebook.com/layer7; visit usat layer7.com, or follow-us on twitter @layer7.