PCI-DSS Compliance Checklist - WhatsUp Gold

PCI-DSS Compliance Checklist
Meet Requirements with the WhatsUp Gold
Continuous Compliance Solution
PCI-DSS Requirement
1.1.1 A formal process for approving and testing
all external network connections and changes to
the firewall and router configurations
1.1.6 Review firewall and router rule sets at
least every six months
WhatsUp Gold Solution
WhatsUp Gold Layer 2/3 discovery and mapping identifies all
network connections to servers holding cardholder data, for both
wired and wireless.
WhatsConfigured provides complete configuration management
for your firewalls and routers, including:
• Automatic tracking of all configuration changes
• Real-time alerts of on any configuration changes,
misconfigurations and failures to internal policies
• Reports comparing archived authorized configurations with
running configuration
1.1.2 Current network diagram with all
connections to cardholder data, including any
wireless networks
1.1.5 Documentation and business justification
for use of all services, protocols, and ports
allowed, including documentation of security
features implemented for those protocols
considered to be insecure
1.3.3 Do not allow any direct routes inbound or
outbound for traffic between the Internet and the
cardholder data environment
2.1 Always change vendor-supplied defaults
before installing a system on the network (for
example, include passwords, simple network
management protocol (SNMP) community
strings, and elimination of unnecessary accounts)
2.2 Develop configuration standards for all
system components. Assure that these standards
address all known security vulnerabilities and
are consistent with industry-accepted system
hardening standards.
WhatsUp Gold automatically generates a complete Layer 2/3
topology map of your entire infrastructure to show all connections
to cardholder data. Layer 2/3 maps include:
• Physical port-to-port and IP connectivity
• At-a-glance maps for your wireless network
WhatsUp Gold automatically collects and documents
comprehensive inventory information including:
• Bridge and switch port configurations
• A list of configured protocols on each network device
WhatsUp Gold Layer 2/3 discovery and mapping validates that
there is no direct connection between the Internet and any system
in the cardholder data environment.
Flow Monitor issues real-time alerts when a group of IP addresses
in the cardholder data environment are in communication with the
Internet.
WhatsConfigured automatically schedules and executes password
changes across one or more devices on your network.
WhatsConfigured automates updating configuration changes
across multiple devices when security vulnerabilities warrant it --
through on-demand or scheduled management tasks.
PCI-DSS Compliance Checklist 1

PCI-DSS Requirement
5.1.1 Ensure that all antivirus programs are
capable of detecting, removing, and protecting
against all known types of malicious software
5.2 Ensure that all antivirus mechanisms
are current, actively running, and capable of
generating audit logs
6.1 Ensure that all system components and
software have the latest vendor-supplied security
patches installed. Install critical security patches
within one month of release.
8.5.1 Control addition, deletion, and modification
of user IDs, credentials, and other identifier
objects
10.2 Implement automated audit trails for all
system components to reconstruct the following
events:
• 10.2.1 All individual user accesses to
cardholder data
WhatsUp Gold Solution
WhatsUp Gold Layer 2/3 discovery and inventory generates
a detailed report of all installed software and patch levels on
network and server devices.
WhatsUp Gold validates that anti-virus software is running, and
generates a report comparing system uptime vs. anti-virus uptime
to identify any periods of exposure.
WhatsUp Gold automatically discovers all network devices,
servers and applications across your network.
WhatsUp Gold generates comprehensive inventory reports of all
IT assets deployed including vendor, model number, OS, patch
level, modules, etc.
The Log Management Suite continuously monitors Active
Directory Windows events in real-time and alerts when changes
occur.
The Log Management Suite automatically collects, archives and
securely stores complete audit trails of all log data across your
systems including key events such as logon failures and object
access attempts.
• 10.2.2 All actions taken by any individual with
root or administrative privileges
• 10.2.3 Access to all audit trails
• 10.2.4 Invalid logical access attempts
• 10.2.5 Use of identification and authentication
mechanisms
• 10.2.6 Initialization of the audit logs
• 10.2.7 Creation and deletion of system-level
objects
10.3 Record at least the following audit trail
entries for all system components for each
event:
The Log Management Suite displays all log entries with type of
event, date and timestamp, and more.
• 10.3.1 User identification
• 10.3.2 Type of event
• 10.3.3 Date and time
• 10.3.4 Success or failure indication
• 10.3.5 Origination of event
• 10.3.6 Identity or name of affected data,
system component, or resource
PCI-DSS Compliance Checklist 2

PCI-DSS Requirement
10.5.2 Protect audit trail files from unauthorized
modifications.
10.5.3 Promptly back up audit trail files to a
centralized log server or media that is difficult to
alter.
WhatsUp Gold Solution
The Log Management Suite employs cryptographic hashing
to protect the integrity of your archived log data by preventing
tampering and modification.
10.5.5 Use file-integrity monitoring and change
detection software on logs to ensure that existing
log data cannot be changed without generating
alerts.
11.5 Deploy file-integrity monitoring software
to alert personnel to unauthorized modification
of critical system files, configuration files, or
content files, and configure the software to
perform critical file comparisons at least weekly.
10.6 Review logs for all system components
at least daily. Log reviews must include
those servers that perform security functions
like intrusion detection system (IDS) and
authentication, authorization, and accounting
protocol (AAA) servers (for example, RADIUS).
10.7 Retain audit trail history for at least
one year, with a minimum of three months
immediately available for analysis (for example,
online, archived, or restorable from back-up).
The Log Management Suite provides real-time monitoring,
reporting and alerting on Object Deletions, Object Access
Attempts, etc.
The Log Management Suite automatically alerts on file, folder
and object access or permission changes.
WhatsConfigured automatically generates alerts on configuration
file changes.
The Log Management Suite provides views and allows mining
log data across all servers and workstations from one console—
without needing to spot-check log files for security events,
since LMS pairs common security event identifiers with friendly
descriptions.
The Log Management Suite provides multi-year log storage/
archiving keeping your log data for as long as the IT compliance
regulation dictates.
For more information on WhatsUp Gold, please visit:
http://www.whatsupgold.com/products/whatsup-gold-core/
Try it free today for 30 days:
http://www.whatsupgold.com/products/download/
www.whatsupgold.com
Copyright © 2012, Ipswitch, Inc. All rights reserved. WhatsUp is a registered trademark and Ipswitch is
a trademark of Ipswitch, Inc. Other products or company names are or may be trademarks or registered
trademarks and are the property of their respective holders.