Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1363
Views
5
Helpful
1
Replies

Firesight (FP8120) - PCI DSS Compliance

lorenzonerimail
Level 1
Level 1

‎07-10-2016 10:04 AM - edited ‎03-10-2019 06:38 AM

Hello to everyone,

I have an architecture with a FP8120 that works like sensor...
In this phase we are going to tuning it with some rules. The environment is a Finance Institute that have to be compliance with the PCI DSS.

Is there any suggestions, tips, group of rules (Intrusion Prevention Policy) for a PCI DSS Finance Institute environment?

Thank you in advance

Regards,

Lore

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-10-2016 07:29 PM

If you have set your variable properly and have a network discovery policy, it's generally not necessary to modify the IPS rules manually - one of the advantages of FirePOWER is that learns your network and adjust the rules accordingly.

You might consider whether to turn on sensitive data detection (a non-default feature) to look for cardholder data leaving the in scope network segments.

http://www.cisco.com/c/en/us/td/docs/security/firepower/60/configuration/guide/fpmc-config-guide-v60/Sensitive_Data_Detection.html

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card