https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40989#M30129 <HTML><HEAD></HEAD><BODY><P>Hi Scantwell,</P><P></P><P>I hope you are doing well, As well as my point of view you should also&nbsp; consider Zone protection, DDOS attack protection.</P><P></P><P>Regards</P><P>Satish</P></BODY></HTML> Wed, 23 Jul 2014 16:34:51 GMT Satish 2014-07-23T16:34:51Z https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40988#M30128 <HTML><HEAD></HEAD><BODY><P>Quick question..</P><P></P><P>What experience does anyone in the forum has with setting up a PA in an E-Commerce site?</P><P></P><P>Is there anything in specifics that we need to do differently than a normal implementation?</P><P></P><P>The basis is that E-Commerce will have servers on the internet, so they are very prone to "nosey" people who are constantly trying to exploit vulnerabilities.</P><P>I understand that we scan for the known vulnerabilities, but I also need to know if there is anything else that needs to be done on the FW.</P><P>I am going to recommend that SSL Inbound Decryption be enabled to give the FW the opportunity to scan for the bad traffic.</P><P></P><P>Any other items/best practices, configuration recommendations, etc, would be greatly appreciated.</P><P></P><P>Let me know asap&nbsp; :smileysilly:</P><P></P><P>Steve</P></BODY></HTML> Wed, 23 Jul 2014 16:08:31 GMT https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40988#M30128 scantwell 2014-07-23T16:08:31Z https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40989#M30129 <HTML><HEAD></HEAD><BODY><P>Hi Scantwell,</P><P></P><P>I hope you are doing well, As well as my point of view you should also&nbsp; consider Zone protection, DDOS attack protection.</P><P></P><P>Regards</P><P>Satish</P></BODY></HTML> Wed, 23 Jul 2014 16:34:51 GMT https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40989#M30129 Satish 2014-07-23T16:34:51Z https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40990#M30130 <HTML><HEAD></HEAD><BODY><P>If they hold credit card data they may want to follow the PCI DSS recommendations</P><P><A href="https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf" title="https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf">https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf</A></P><P></P><P>Also make sure to use the Data Filtering options to avoid credit card numbers be stolen from their network.</P><P>Check this out:</P><P><A href="https://live.paloaltonetworks.com/docs/DOC-3366">How to Test Credit Card Number Blocking with Data Filtering</A></P></BODY></HTML> Thu, 24 Jul 2014 21:52:27 GMT https://live.paloaltonetworks.com/t5/general-topics/best-practices-for-e-commerce-customers/m-p/40990#M30130 mivaldi 2014-07-24T21:52:27Z