We are looking to become PCI compliant and our servers right now are IIS 6. We've found that following the recommendations of the PCI compliance tests and taking the recommended action does not actually resolve the issue.
From hitting our head off these walls we were wondering if any of you experts have had experience and more specifically success in making an IIS6 and IIS7 environment PCI compliant.
Is it easier to make an IIS7 environment PCI compliant over IIS6 or would this be solving the problem the wrong way?
Any advice on this would be hugely appreciated.