OT: PCI Compliant - suggestions on what to do? - experiences?
Tony Freehauf
tony at ynotsoftware.com
Sat Feb 18 08:38:22 PST 2017
Re: OT: PCI Compliant - suggestions on what to do? - experiences?
Here is what worked for me:
On the customers Netgear FVS318N router i used the VLAN Properties and
set 1 of the FVS318N ports to be a different ip range from the rest of
the network. I used 192.168.100.1 with sub net of 255.255.255 and DHCP
enabled. I then attached a NEW switch to that FVS318N port and the
Credit Card Machines are attached that NEW Switch. I Set a Inbound
Service rule for the local ip address i will use for the credit card
machines. I set each local ip address to BLOCK always and the
Destination was the ip address of a Public IP Address not used by the
other network. They have a block of 5 block Public ip address. So each
credit card machine has a fixed ip address. For example the credit card
machines are set to static local ip ip addresses I used this range of
local ip address 192.168.100.100, 192.168.100.101 .....
When the scanning company does the PCI Scan of there Public Ip Address
for the Credit Card machines they pass!! because the Scanning software
can see nothing.
hope this helps someone
old tony
--
tony at ynotsoftware.com
Tony Freehauf (Old Tony)
YNOT Software & PC Support
815-467-2179
More information about the Filepro-list
mailing list