Introduction To Pci Requirements; Pci Auditing In The Awms Interface - Dell PowerConnect W-Airwave User Manual

Introduction to PCI Requirements

AWMS supports wide security standards and functions in the wireless network. One component of network
security is the optional deployment of Payment Card Industry (PCI) Auditing.
The Payment Card Industry (PCI) Data Security Standard (DSS) establishes multiple levels in which payment
cardholder data is protected in a wireless network. AWMS supports PCI requirements according to the standards
and specifications set forth by the following authority:
Payment Card Industry (PCI) Data Security Standard (DSS)

PCI Security Standards Council Website

https://www.pcisecuritystandards.org
PCI Quick Reference Guide, Version 1.2 (October 2008)

https://www.pcisecuritystandards.org/pdfs/pci_ssc_quick_guide.pdf

PCI Auditing in the AWMS Interface

PCI Auditing in AWMS allows you to monitor, audit, and demonstrate PCI compliance on the network. There
are five primary pages in which you establish, monitor, and access PCI auditing, as follows:
The AMP Setup > PCI Compliance page enables or disables PCI Compliance monitoring on the network,

and displays the current compliance status on the network. See
page 65.
The Reports > Definitions page allows you to create custom-configured and custom-scheduled PCI

Compliance reports. See
The Reports > Generated page lists PCI Compliance reports currently available, and allows you to generate

the latest daily version of the PCI Compliance Report with a single select. Refer to
Page Overview" on
The APs/Devices > PCI Compliance page enables you to analyze PCI Compliance for any specific device on

the network. This page is accessible when you select a specific device from the APs/Devices > Monitor page.
First, you must enable this function through AMP Setup. See
page 65.
The PCI Compliance Report offers additional information. Refer to

page 235. This report not only contains Pass or Fail status for each PCI requirement, but cites the action
required to resolve a Fail status when sufficient information is available.
NOTE: When any PCI requirement is enabled on AWMS, then AWMS grades the network as pass or fail for the respective PCI
requirement. Whenever a PCI requirement is not enabled in AWMS, then AWMS does not monitor the network's status in relation
to that requirement, and cannot designate Pass or Fail network status. AWMS servers without a RAPIDS license and users without
RAPIDS enabled will not see the 11.1 PCI requirements in the PCI Compliance Report.
Table 35 PCI Requirements and Support in AWMS
Requirement
1.1
1.2.3
64 | Configuring AWMS
"Reports > Definitions Page Overview" on
page 221.
Description
Monitoring configuration standards for network firewall devices
When Enabled: PCI Requirement 1.1 establishes firewall and router configuration standards.
A device fails Requirement 1.1 if there are mismatches between the desired configuration and the
configuration on the device.
When Disabled: firewall router and device configurations are not checked for PCI compliance, and
Pass or Fail status is not reported or monitored.
Monitoring firewall installation between any wireless networks and the cardholder data environment
When Enabled: A device passes requirement 1.2.3 if it can function as a stateful firewall.
When Disabled: firewall router and device installation are not checked for PCI compliance.
"Enabling or Disabling PCI Auditing" on
page 219.
"Reports > Generated
"Enabling or Disabling PCI Auditing" on
"Using the PCI Compliance Report" on
Dell PowerConnect W AirWave 7.2 | User Guide