<div>
<div class="content wysiwyg-content">
We are looking to become PCI compliant and our servers right now are IIS 6. &nbsp;We've found that following the recommendations of the PCI compliance tests and taking the recommended action does not actually resolve the issue.<br />
<br />
<br />
From hitting our head off these walls we were wondering if any of you experts have had experience and more specifically success in making an IIS6 and IIS7 environment PCI compliant.<br />
<br />
Is it easier to make an IIS7 environment PCI compliant over IIS6 or would this be solving the problem the wrong way?<br />
<br />
<br />
Any advice on this would be hugely appreciated.<br />
<br />
<br />

</div>
</div>


We are looking to become PCI compliant and our servers right now are IIS 6.  We've found that following the recommendations of the PCI compliance tests and taking the recommended action does not actually resolve the issue.


From hitting our head off these walls we were wondering if any of you experts have had experience and more specifically success in making an IIS6 and IIS7 environment PCI compliant.

Is it easier to make an IIS7 environment PCI compliant over IIS6 or would this be solving the problem the wrong way?


Any advice on this would be hugely appreciated.




Solutions for PCI Compliance on IIS6 or II7

IIS is Internet Information Services, the web server included with Windows Server operating systems. All current versions are built on a modular architecture; modules can be added or removed individually so that those required for specific functionality are installed. The full installation of IIS includes HTTP, security, content, compression, caching, logging and diagnostics.

Microsoft IIS Web Server

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.

SSL / HTTPS

The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. HTTP is the protocol to exchange or transfer hypertext. HTTP functions as a request-response protocol in the client-server computing model. HTTP is designed to permit intermediate network elements to improve or enable communications between clients and servers. HTTP is an application layer protocol designed within the framework of the Internet Protocol Suite; it presumes an underlying and reliable transport layer protocol.