Pci Auditing In The Awms Interface - Dell PowerConnect W-Airwave User Manual

PCI Auditing in the AWMS Interface

PCI Auditing in AWMS allows you to monitor, audit, and demonstrate PCI compliance on the network. There
are five primary pages in which you establish, monitor, and access PCI auditing, as follows:
The AMP Setup > PCI Compliance page enables or disables PCI Compliance monitoring on the network,

and displays the current compliance status on the network. See
page 76.
The Reports > Definitions page allows you to create custom-configured and custom-scheduled PCI

Compliance reports. See
The Reports > Generated page lists PCI Compliance reports currently available, and allows you to generate

the latest daily version of the PCI Compliance Report with a single click. Refer to
Overview" on
The APs/Devices > PCI Compliance page enables you to analyze PCI Compliance for any specific device on

the network. This page is accessible when you select a specific device from the APs/Devices > Monitor page.
First, you must enable this function through AMP Setup. See
page 76.
The PCI Compliance Report offers additional information. Refer to

page 281. This report not only contains Pass or Fail status for each PCI requirement, but cites the action
required to resolve a Fail status when sufficient information is available.
Note: When any PCI requirement is enabled on AWMS, then AWMS grades the network as pass or fail for the respective PCI
requirement. Whenever a PCI requirement is not enabled in AWMS, then AWMS does not monitor the network's status in relation
to that requirement, and cannot designate Pass or Fail network status. AWMS servers without a RAPIDS license and users without
RAPIDS enabled will not see the 11.1 PCI requirements in the PCI Compliance Report.
Table 36 PCI Requirements and Support in AWMS
PCI Requirement
1.1
1.2.3
2.1
Dell PowerConnect W AirWave 7.1 | User Guide
"Reports > Definitions Page Overview" on
page 263.
Description
Monitoring configuration standards for network firewall devices
When Enabled: PCI Requirement 1.1 establishes firewall and router configuration standards.
A device fails Requirement 1.1 if there are mismatches between the desired configuration and the
configuration on the device.
When Disabled: When this PCI requirement is disabled in AWMS, firewall router and device
configurations are not checked for PCI compliance in firewall configuration, and Pass or Fail status is
not reported nor monitored.
Monitoring firewall installation between any wireless networks and the cardholder data environment
When Enabled: A device passes requirement 1.2.3 if it can function as a stateful firewall.
When Disabled: When this PCI requirement is disabled in AWMS, firewall router and device installation
are not checked for PCI compliance.
Monitoring the presence of vendor-supplied default security settings
When Enabled: PCI Requirement 2 establishes the standard in which all vendor-supplied default
passwords are changed prior to a device's presence and operation in the network.
A device fails requirement 2.1 if the username, passwords or SNMP credentials being used by AWMS
to communicate with the device are on a list of forbidden default credentials. The list includes common
vendor default passwords, for example.
When Disabled: When this PCI requirement is disabled in AWMS, device passwords and other vendor
default settings are not checked for PCI compliance.
"Enabling or Disabling PCI Auditing" on
page 261.
"Reports > Generated Page
"Enabling or Disabling PCI Auditing" on
"Using the PCI Compliance Report" on
Configuring AWMS | 75