Enabling Or Disabling Pci Auditing - Dell PowerConnect W-Airwave User Manual

W-airwave 7.4 user guide

Hide thumbs Also See for PowerConnect W-Airwave:

User manual (334 pages)

Configuration manual (176 pages)

Manual (50 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

Table of Contents

The PCI Compliance Report offers additional information. Refer to



page 245. This report not only contains Pass or Fail status for each PCI requirement, but cites the action

required to resolve a Fail status when sufficient information is available.

NOTE: When any PCI requirement is enabled on AirWave, then AirWave grades the network as pass or fail for the respective PCI

requirement. Whenever a PCI requirement is not enabled in AirWave, then AirWave does not monitor the network's status in

relation to that requirement, and cannot designate Pass or Fail network status. AirWave users without RAPIDS visibility enabled

will not see the 11.1 PCI requirements in the PCI Compliance Report.

Table 38 PCI Requirements and Support in AirWave

Requirement Description

1.1

1.2.3

2.1

2.1.1

4.1.1

11.4

Enabling or Disabling PCI Auditing

Perform these steps to verify status and to enable or disable AirWave support for PCI 1.2 requirements. enabling

one or all PCI standards on AirWave enables real-time information and generated reports that advise on Pass or

Fail status. The PCI auditing supported in AirWave is reported in

1. To determine what PCI Compliance standards are enabled or disabled on AirWave, navigate to the AMP

Setup > PCI Compliance page, illustrated in

66 | Configuring AMP

Monitoring configuration standards for network firewall devices

When Enabled: PCI Requirement 1.1 establishes firewall and router configuration standards.

A device fails Requirement 1.1 if there are mismatches between the desired configuration and the

configuration on the device.

When Disabled: firewall router and device configurations are not checked for PCI compliance, and

Pass or Fail status is not reported or monitored.

Monitoring firewall installation between any wireless networks and the cardholder data environment

When Enabled: A device passes requirement 1.2.3 if it can function as a stateful firewall.

When Disabled: firewall router and device installation are not checked for PCI compliance.

Monitoring the presence of vendor-supplied default security settings

When Enabled: PCI Requirement 2 establishes the standard in which all vendor-supplied default

passwords are changed prior to a device's presence and operation in the network.

A device fails requirement 2.1 if the username, passwords or SNMP credentials being used by AirWave

to communicate with the device are on a list of forbidden default credentials. The list includes common

vendor default passwords, for example.

When Disabled: device passwords and other vendor default settings are not checked for PCI

compliance.

Changing vendor-supplied defaults for wireless environments

When Enabled: A device fails requirement 2.1.1 if the passphrases, SSIDs, or other security-related

settings are on a list of forbidden values that AirWave establishes and tracks. The list includes common

vendor default passwords. The user can input new values to achieve compliance.

When Disabled: network devices are not checked for forbidden information and PCI Compliance is not

established.

Using strong encryption in wireless networks

When Enabled: PCI Requirement 4 establishes the standard by which payment cardholder data is

encrypted prior to transmission across open public networks. PCI disallows WEP encryption as an

approved encryption method after June 20, 2010. A device fails requirement 4.1.1 if the desired or actual

configuration reflect that WEP is enabled on the network, or if associated users can connect with WEP.

When Disabled: AirWave cannot establish a pass or fail status with regard to PCI encryption

requirements on the network.

Using intrusion-detection or intrusion-prevention systems to monitor all traffic

When Enabled: AirWave reports pass or fail status when monitoring devices capable of reporting IDS

events. Recent IDS events are summarized in the PCI Compliance report or the IDS Report.

When Disabled: AirWave does not monitor the presence of PCI-compliant intrusion detection or

prevention systems, nor can it report Pass or Fail status with regard to IDS events.

"Using the PCI Compliance Report" on

Table

38.

Figure

34.

Dell PowerConnect W-AirWave 7.4 | User Guide

Table of Contents

This manual is also suitable for:

Powerconnect w-airwave 7.4

Enabling Or Disabling Pci Auditing - Dell PowerConnect W-Airwave User Manual

Enabling or Disabling PCI Auditing

Related Manuals for Dell PowerConnect W-Airwave

Related Content for Dell PowerConnect W-Airwave

This manual is also suitable for:

Table of Contents