|
[x]
Posted via EE Mobile
|
|
| Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again. |
|
|
|
|
Asked by dbhsupport in Documentum, E-Commerce, Web Languages/Standards, Miscellaneous Web Development
We are attempting to become PCI compliant.
I am looking for some guidanve and experience for requirement 1.3.
1.3 - 'Prohibit direct public access between the internet and any system component in the card holder data environmenty.
We have PCs on the CCD network that wish to access the internet.
For this indirect access is a a firewall running NAT and Stateful packet filtering sufficient to meet the above requirement. or
Do we require to create a DMZ and place a proxy server in there to manage connections to the internet.
What is acceptable to a QSA.
Many thanks
20090824-EE-VQP-74 - Hierarchy / EE_QW_3_20080625