You're correct that the RV042

HoTNerdTech · ‎03-31-2015

Hello,

I was wondering if there was a list of PCI compliant devices available? I've tried searching the internet and even calling Cisco to ask directly but for some reason it's very hard to get clear answers on my questions. The only answer I got was a product that cost nearly $2,000. The cost of this item for over 20 locations is astronomical. We are currently using the RV042 but failed our PCI Trustwave scan due to the SSL key being too weak.

Is there anyone here that could help me compile a list of small business routers that can help our business pass our PCI scan?

Thanks in advance.

Marvin Rhoads · ‎04-01-2015

You're correct that the RV042 router's implementation of SSL is weak.

Stepping back, why do you need an SSL key on your router? Assuming there's a good reason that can't be met via other techniques, can you implement a compensating control (such as an ACL) to mitigate the risk and thus meet that compliance requirements?

If not, then you would need to move the function to a more secure device - the new ASA 5506 might be one such candidate. Your local Cisco partner should be able to help you with product selection based on a more in-depth analysis of your environment and requirements

List of PCI Compliant devices?