Best Practices for E-Commerce customers?

cancel
Showing results for 
Search instead for 
Did you mean: 

Best Practices for E-Commerce customers?

L4 Transporter

Quick question..

What experience does anyone in the forum has with setting up a PA in an E-Commerce site?

Is there anything in specifics that we need to do differently than a normal implementation?

The basis is that E-Commerce will have servers on the internet, so they are very prone to "nosey" people who are constantly trying to exploit vulnerabilities.

I understand that we scan for the known vulnerabilities, but I also need to know if there is anything else that needs to be done on the FW.

I am going to recommend that SSL Inbound Decryption be enabled to give the FW the opportunity to scan for the bad traffic.

Any other items/best practices, configuration recommendations, etc, would be greatly appreciated.

Let me know asap  :smileysilly:

Steve

2 REPLIES 2

L4 Transporter

Hi Scantwell,

I hope you are doing well, As well as my point of view you should also  consider Zone protection, DDOS attack protection.

Regards

Satish

L7 Applicator

If they hold credit card data they may want to follow the PCI DSS recommendations

https://www.pcisecuritystandards.org/documents/pci_dss_v2.pdf

Also make sure to use the Data Filtering options to avoid credit card numbers be stolen from their network.

Check this out:

How to Test Credit Card Number Blocking with Data Filtering

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!