About Kris.Waddle

Kris.Waddle · ‎12-16-2019

This may depend on the ASV that has been engaged, but building a rule to allow or deny based on port has been not allowed by our Auditors as an explicit allow for a port would an implicit deny for the non included ports.

Kris.Waddle · ‎11-06-2019

I've had this same question. Building several shadow rules to exempt an ASV from IPS only is not a road I want to start down. Allowing a separation between IPS and Host/Port would be 100% Helpful.

Kris.Waddle · ‎07-15-2019

We are trying to exempt our ASV scanner IPs from vuln protection, AV, etc... without whitelisting them from the firewall (host/port) rules we have in place. All I can find is exempting IPs based on a single Threat ID. Thanks. PCI Scanning Standard: "13. Arrangements must be made to configure the intrusion detection system/intrusion prevention system (IDS/IPS) to accept the originating IP address of the ASV. If this is not possible, the scan should be originated in a location that prevents IDS/IPS interference "

Member Since	‎07-15-2019 02:41 PM
Date Last Visited	‎12-16-2019 12:59 PM
Posts	3
Total Likes Received	3

Online Status	Offline
Date Last Visited	‎12-16-2019 12:59 PM

About Kris.Waddle

Re: Whitelist Vendor IP range from Paloalto IPS

Re: Whitelist Vendor IP range from Paloalto IPS

PCI: How do I exempt an ASV scanner from the IPS functions (Next-Gen, Vuln-Protection... etc)

Re: Whitelist Vendor IP range from Paloalto IPS

Re: Whitelist Vendor IP range from Paloalto IPS

Re: Whitelist Vendor IP range from Paloalto IPS

Re: Whitelist Vendor IP range from Paloalto IPS

Re: Whitelist Vendor IP range from Paloalto IPS

PCI: How do I exempt an ASV scanner from the IPS functions (Next-Gen, Vuln-Protection... etc)