Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Solutions for PCI Compliance on IIS6 or II7

Posted on 2011-09-27
1
471 Views
Last Modified: 2012-05-12
We are looking to become PCI compliant and our servers right now are IIS 6.  We've found that following the recommendations of the PCI compliance tests and taking the recommended action does not actually resolve the issue.


From hitting our head off these walls we were wondering if any of you experts have had experience and more specifically success in making an IIS6 and IIS7 environment PCI compliant.

Is it easier to make an IIS7 environment PCI compliant over IIS6 or would this be solving the problem the wrong way?


Any advice on this would be hugely appreciated.


0
Comment
Question by:collages
1 Comment
 
LVL 17

Accepted Solution

by:
Rovastar earned 500 total points
ID: 36719468
There are many things that make an environment complement. Each environment is different and you have different technologies involved. I must admit I have never had any problems with either.

You will still have to do things in a IIS7 environment. Upgrading/migrating to another environment can be a hugely time consuming process and not to be taken lightly. But you should be looking at upgrading from IIS6 at some point anyway as it is 8+ years old now. And at least planning for the upgrade. Personally i would tweak your IIS6 setup to be compliant, there is not too much solely on the Windows/ IIS side to do. You might have other things that you have  problem with code, connectivity with db, firewall config, etc that you will have to do independently of a migration anyway.

What problems are you getting and as I ask any pen test queries here, are they real problems or just what some automated scan guessed might be a problem in certain configuration and don't apply in your case.

What specific problems are you getting?

If there are too many please ask in multiple questions.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword In the years since this article was written, numerous hacking attacks have targeted password-protected web sites.  The storage of client passwords has become a subject of much discussion, some of it useful and some of it misguided.  Of cou…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question