8/2/2019 SecureSpan & CloudSpan Version 6

1/2

Se

The SecureSpan & CloudSpan 6families of appliances offer:

PCI-DSS ComplianceOrganizations that want to create aPCI-compliant electronic paymentprocess can deploy Layer 7 v6appliances to mediate interactionsbetween payer, payee and/orbackend clearing houses withoutcompromising their regulatorycompliance.

Enhanced SecurityOut-of-the-box support for a masterpassphrase, encrypted messagetraffic & audit logs, as well asprotection from X-site requestforgery allows you to better secureyour shared resources from externaland internal threats, therebydecreasing business risk.

Improved VisibilityFilter and view encrypted audits/audit events; track command line-based logins and audit commandline-driven events.

To learn more about Layer 7s latestrelease, call 1-800-681-9377 (tollfree within North America) or +1.604.681.9377. You can also emailus at info@layer7.com; friend us onfacebook.com/layer7; visit us atlayer7.com, or follow-us on twitter

@layer7.

Coto R

Medipaym

Redu

With tneed f organitraditidesignever-genter

The lacontroinbouthreatviruseencry

With ccan redata brequir

Impl

In 200Internpurpoa set oto priv

LayerallowicomprSecur

ureSpan & CloudSpan

pliance & Security Enhancements Eneduce Risk and Increase Visibility for

ate between shared APIs, cloud-based servicesent systems in a secure and compliant manner

ce Risk Associated with Shared Resources

he proliferation of attacks against high profile enterpriseor implementing a modern security and compliance infrzation has never been higher. While numerous point solonal firewalls to crypto devices to identity and access sysed to deal with the elimination of boundaries between srowing trend toward the use of shared resources, be thrise application APIs, or electronic payment processing s

est versions of Layer 7s appliances provide organizationls when sharing enterprise resources with third parties.d/outbound traffic between shared resources; protect

s such as cross-site request forgery; leverage the Sophosin attachments; and create a keystore-protected maste

t/decrypt audit logs for viewing by users with the appro

omplete visibility into all interactions across shared systduce risks associated with external threats such as hackreaches; track command-line driven tasks; and provide pements.

ment a PCI-DSS Compliant Solution

6 American Express, Discover Financial Services, JCB, Maational formed the Payment Card Industry (PCI) Securityse of the council is to produce and maintain the Data Secf rules and requirements designed to help prevent fraudate cardholder data.

v6 appliances can now be configured to be a key part og organizations to create an end-to-end electronic pay

omising regulatory compliance. By implementing the reImplementation Guide (SIG), organizations can gain PCI

Access controlsPassword managementEncryption key managementInbound/outbound encrypted message trafficRBAC roles and assignments that secure access to carAuditing, including a secure audit trail for system, adlevel traffic

Version 6

ble Organizationshared Resources

and PCI-DSS electronic

and government targets, thestructure within yourtions already exist from

tems theyre rarelyystems that is the result of any cloud-based services,ystems.

s with improved securityustomers can secure all

gainst modern exploits andantivirus engine to scan forr passphrase (KMP) topriate RBAC roles.

ms and services, enterprisesrs; internal threats such asroof of compliance with audit

sterCard Worldwide, and VisaStandards Council. The mainurity Standard (DSS), which is, hacking, and other threats

f any PCI-DSS process,ent process withoutommendations in Layer 7s-compliant:

holder datainistrative, and message-

8/2/2019 SecureSpan & CloudSpan Version 6

2/2

Copyright 2011 Layer 7 Technologies Inc. All rights reserved. SecureSpan and the Layer 7 Technologies design mark aretrademarks of Layer 7 Technologies Inc. All other trademarks and copyrights are the property of their respective owners.

New FeaturesPCI-DSS ComplianceSecure ImplementationGuide (SIG)

Layer 7s PCI-DSS installation and configuration guide allows customers to configureand deploy Layer 7 Gateways as part of a PCI-compliant process

Auditing and Logging Encrypt/ decrypt audit details View encrypted audits based on RBAC security roles Search audit event logs based on Audit Code, Message Parameter Value, User Name,

User ID/User DN, Entity Type, or Entity ID

Passwords Enforce administrator password expiration and reset Enforce an expiry date for accounts

SecurityThreat Protection Pre-defined Protect Against Cross-Site Request Forgery assertion protects against

browser-based exploits in which a third party attempts to misuse the trust that a sitehas established with an authenticated user's browser

Master Passphrase Support for the use of a keystore-protected master passphrase (KMP) using theThales nCipher HSM

Encryption Out-of-the-box SSL encryption for all inbound/outbound traffic Configure outbound TLS cipher suites on a per-target-host (as well as a global) basis

Command Line CapabilitesAuditing Command line audit trail for events originating at the OS level and during execution

of management functions

Login Support for command line login via external LDAPs, as well as RADIUS support Record and track all command line logins

Third-party SupportAnti-virus Scan message attachments for viruses using Sophos Antivirus softwareTivoli Access Manager Connect to multiple TAM policy director instances

Enable Layer 7s out-of-the-box TAM assertion to perform authorization only Enable local only mode by downloading a copy of the TAM policy database to the

Layer 7 Gateway

Form FactorsHardware Active-active clusterable, dual power supply, mirrored hot-swappable drives, multi-

core 1U server

Software Solaris 10 for x86 and Niagara, SUSE Linux, Red Hat Linux 4.0/5.0Virtual Appliance VMware/ESX (VMware Ready certified)Cloud Amazon EC2 AMI

Supported StandardsXML, JSON, SOAP, REST, PCI-DSS, AJAX, XPath, XSLT, WSDL, XML Schema, LDAP, SAML, XACML, OAuth, PKCS, X.509Certificates, FIPS 140-2, Kerberos, XML Signature, XML Encryption, SSL/TLS, SNMP, SMTP, POP3, IMAP4, HTTP/HTTPS,JMS, MQ Series, Tibco EMS, FTP/FTPS, WS-Security, WS-Trust, WS-Federation, WS-SecureExchange, WS-Addressing,WS-SecureConversation, WS-MetadataExchange, WS-Policy, WS-SecurityPolicy, WS-PolicyAttachment, WSIL, WS-I,

WS-I BSP, UDDI, WSRR, MTOM, IPv6, WCF

To learn more about Layer 7 call us today at +1 800.681.9377 (toll free within North America) or+1.604.681.9377. You can also email us at info@layer7.com; friend us on facebook.com/layer7; visit usat layer7.com, or follow-us on twitter @layer7.