?
Solved

PCI and Small Business Server

Posted on 2012-03-16
1
Medium Priority
?
330 Views
Last Modified: 2012-05-09
I am working with a customer needing to complete form D of PCI's SAQ.

Question 2.2.1 says is there only one primary function per server? It gives the example, are web servers, database servers and DNS servers all on separate servers.

Does this mean that a SBS would not be PCI compliant as it hosts DHCP, DNS, AD, File Server, SharePoint and Exchange all on one box?

How deep does this go? Take Exchange for instance. Exchange has a mailbox db server, a web front end and its back end.. does all this need to be separated too?
0
Comment
Question by:Schuyler Dorsey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 37732906
Do not really see that it need to be one service one physical machine as this can be complicated in virtual environment. The idea is ti isolate and segregate service oneinside so as thisto bescope down the ideadss involvement and segregate which can be lesser prone to copecracks due to cracksmany services running in same box. Sometimes it needis not reallycost effective and efficient to split up inherent web services...but we can harden and lockdown those ports etc. Some info on sbs  meeting pci dss

 http://social.technet.microsoft.com/wiki/contents/articles/853.adjustments-for-pci-dss-scan.aspx
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This subject  of securing wireless devices conjures up visions of your PC or mobile phone connecting to the Internet through some hotspot at Starbucks. But it is so much more than that. Let’s look at the facts: devices#sthash.eoFY7dic.
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question