5  |  WHITE PAPER  |  Tripwire PCI DSS Solutions: Automated, Continuous Compliance
The table below maps key Tripwire Enterprise capabilities to specific requirements of the PCI DSS.
Group 1: Build and Maintain a Secure Network
REQUIREMENT 1: INSTALL AND MAINTAIN A FIREWALL CONFIGURATION TO PROTECT CARDHOLDER DATA
All systems must be protected from unauthorized access from the Internet, whether that access arrives as e-commerce traffic, employees' Internet-based access through desktop browsers, or employees' e-mail access. Seemingly insignificant paths to and from the Internet often provide unprotected pathways into key systems. Firewalls are a key protection mechanism for any computer network.
PCI REQUIREMENTS 1.1, 1.1.1, 1.1.8
Establish firewall configuration standards that include the following:
• A formal process for approving and testing all external network connections and changes to the firewall configuration.
• Quarterly review of firewall and router rule sets.

TRIPWIRE ENTERPRISE
Tripwire Enterprise monitors the state of firewalls and routers, detecting, responding to, and reporting on any unauthorized changes to configuration files, rule sets, and, if necessary, the operating system underlying the firewall. Tripwire also generates and distributes quarterly reports showing differences from the expected firewall and router configuration standards, so that these systems stay in a known and trusted state. Further, Tripwire automates many of the tasks that ensure compliance and keeps a record of those activities, so evidence is easy to produce and its collection can be automated as well. With Configuration Assessment tests from Tripwire you can check each device's conformance to policy.
PCI REQUIREMENT 1.2
Build a firewall configuration that denies all traffic from untrusted networks and hosts, except for protocols necessary for the cardholder data environment:
• Web protocols: HTTP (port 80) and HTTPS over SSL/TLS (typically port 443).
• System administration protocols (e.g., Secure Shell (SSH) or Virtual Private Network (VPN)).
• Other protocols required by the business (e.g., for ISO 8583).

TRIPWIRE ENTERPRISE
Deviations from the known and trusted state caused by unauthorized change can be rapidly detected and recovered with Tripwire Enterprise. Tripwire can provide proof that the entire network conforms and show any deviations, helping ensure that the only inbound traffic is for the protocols necessary to the cardholder environment. This helps minimize connections from untrusted networks.
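The two checks the table describes for Requirements 1.1 and 1.2, a conformance test (default deny, only approved inbound protocols) and change detection against an approved baseline, can be illustrated on an iptables-save style ruleset. The following is an added example written for this page; it is not Tripwire code and does not use any Tripwire API. The two rulesets, the approved TCP port list and the management subnet are constructed for illustration.

```python
"""Assess an iptables-save style ruleset against a PCI DSS Requirement 1.2
style policy (default deny, only explicitly approved inbound protocols) and
diff it against a known-good baseline to flag unauthorized change.

Added example for this page, not Tripwire code. The rulesets below are
constructed, and the approved-port list is an assumption."""

import re

# Assumed policy: the only inbound TCP services the CDE may expose
# (HTTP, HTTPS, SSH for administration).
ALLOWED_TCP_PORTS = {80, 443, 22}

# Constructed baseline captured when the firewall change was last approved.
BASELINE_RULES = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -s 10.10.0.0/24 --dport 22 -j ACCEPT
COMMIT
"""

# Constructed current state: the INPUT default policy was flipped to ACCEPT,
# Telnet was opened to the world, and the SSH source restriction was dropped.
# None of this went through change approval.
CURRENT_RULES = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
-A INPUT -p tcp --dport 23 -j ACCEPT
COMMIT
"""

POLICY_RE = re.compile(r"^:(\w+)\s+(\w+)\s")          # :CHAIN POLICY [pkts:bytes]
RULE_RE = re.compile(r"^-A\s+(\w+)\s+(.*?)\s+-j\s+(\w+)$")  # -A CHAIN <match> -j TARGET
DPORT_RE = re.compile(r"--dport\s+(\d+)")


def parse_ruleset(text):
    """Return (chain default policies, list of (chain, match, target)).
    Handles only the subset of iptables-save syntax used above."""
    policies, rules = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = POLICY_RE.match(line)
        if m:
            policies[m.group(1)] = m.group(2)
            continue
        m = RULE_RE.match(line)
        if m:
            rules.append((m.group(1), m.group(2), m.group(3)))
    return policies, rules


def assess_ruleset(text, allowed_tcp_ports=ALLOWED_TCP_PORTS):
    """Conformance test for Requirement 1.2: INPUT and FORWARD must default to
    DROP, and every inbound TCP ACCEPT must open an approved port."""
    policies, rules = parse_ruleset(text)
    findings = []
    for chain in ("INPUT", "FORWARD"):
        if policies.get(chain) != "DROP":
            findings.append(f"{chain} default policy is {policies.get(chain)}, expected DROP")
    for chain, match, target in rules:
        if chain != "INPUT" or target != "ACCEPT" or "-p tcp" not in match:
            continue
        dport = DPORT_RE.search(match)
        if dport and int(dport.group(1)) not in allowed_tcp_ports:
            findings.append(f"INPUT accepts tcp/{dport.group(1)}, not an approved CDE protocol")
    return findings


def diff_rulesets(baseline_text, current_text):
    """Change detection for Requirement 1.1: default-policy changes plus rules
    added to or removed from the approved baseline."""
    base_pol, base_rules = parse_ruleset(baseline_text)
    cur_pol, cur_rules = parse_ruleset(current_text)
    chains = set(base_pol) | set(cur_pol)
    return {
        "policy_changed": sorted(c for c in chains if base_pol.get(c) != cur_pol.get(c)),
        "added": [r for r in cur_rules if r not in base_rules],
        "removed": [r for r in base_rules if r not in cur_rules],
    }


if __name__ == "__main__":
    for finding in assess_ruleset(CURRENT_RULES):
        print("NONCONFORMANCE:", finding)
    for kind, items in diff_rulesets(BASELINE_RULES, CURRENT_RULES).items():
        print(f"{kind}: {items}")
```

In practice the current ruleset would come from `iptables-save` (or the equivalent export on a router or dedicated firewall) on a schedule, and the baseline would be the export taken when the last approved change was tested. A drift report is only evidence if the baseline itself is protected from the same unauthorized change, so it should be stored and versioned outside the device.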