What is in scope for PCI compliance on this network?
Posted on 2014-11-15
I have a network that I am working on and it is shown below:
[Credit Card Machine]----------------Private dedicated fiber line---------[Server]---------[FW]--------[Cable Modem]
The fiber is dedicated and is connected to the server that hosts a VMware vm that the third party payment processor gave us. From this server it is connected to a Linksys router/FW and out to the internet. What is exactly in scope here for PCI compliance? I don't believe we are storing any credit card information on the server but I am not certain since I just started work on this.
Also what other options exists for getting the data to the third party processor as we are looking to eliminate the fiber line and the server?