07-23-2014 09:08 AM
Quick question..
What experience does anyone in the forum has with setting up a PA in an E-Commerce site?
Is there anything in specifics that we need to do differently than a normal implementation?
The basis is that E-Commerce will have servers on the internet, so they are very prone to "nosey" people who are constantly trying to exploit vulnerabilities.
I understand that we scan for the known vulnerabilities, but I also need to know if there is anything else that needs to be done on the FW.
I am going to recommend that SSL Inbound Decryption be enabled to give the FW the opportunity to scan for the bad traffic.
Any other items/best practices, configuration recommendations, etc, would be greatly appreciated.
Let me know asap :smileysilly:
Steve
07-24-2014 02:52 PM
If they hold credit card data they may want to follow the PCI DSS recommendations
https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf
Also make sure to use the Data Filtering options to avoid credit card numbers be stolen from their network.
Check this out:
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
.png "Satish"){kind=avatar}
