Payment Card Industry (PCI) Data Security Standard (DSS)

Foundation Network Health and Event Log Monitoring that Helps Ensure Cardholder Data Security

The Payment Card Industry (PCI) Data Security Standard (DSS) was developed to encourage and enhance cardholder data security and the adoption of consistent standards worldwide. The PCI DSS standard lays down 12 core requirements and specifies corresponding testing procedures for merchant and service provider organizations to achieve compliance. These requirements encompass, among others: the building and management of secure network and application infrastructure; encrypted storage of sensitive cardholder data; implementation of strong access control measures; and regular testing and monitoring of networks. The scope of the requirements covers all system components, including network, server and application infrastructure, that are included in or connected to the cardholder data environment.

Understandably, network management and monitoring and network security tools have a crucial role to play in ensuring cardholder data protection in accordance with the PCI DSS standard.

  • Network management tools provide the network topology, access, health and configuration visibility that is required to verify the proper design and functioning of a secure network environment.
  • Network security and log management tools track and monitor access to all network resources and cardholder data and provide detailed tamper-proof audit trails that are vital to any PCI compliance effort.

WhatsUp Log Management & PCI Compliance

The WhatsUp Log Management solutions provide comprehensive coverage of Windows Event log and Syslog monitoring, collection and storage, along with the capability for routine review as well as forensic and on-the-fly analysis. Complete audit trails of network and system events related to customer data and infrastructure access are captured and maintained in secure and tamper-proof formats. Additionally, WhatsUp solutions support powerful user logon/logoff policy enforcement and Microsoft and Active Directory group and domain object management, all of which are key PCI compliance specifications.

The following table provides some illustrative examples of how WhatsUp Event Log Management solutions can monitor and secure access to network and cardholder data to ensure compliance with PCI DSS requirements:

| PCI DSS Requirements | WhatsUp Log Management Products | How PCI DSS Requirement is Addressed |
|---|---|---|
| 10.1, 10.2, 10.3 | WhatsUp Event Archiver, WhatsUp Event Alarm, WhatsUp Event Analyst, WhatsUp Event Rover | The WhatsUp Log Management products together provide an integrated platform that can capture complete audit trails of access to, and manipulation of, all system components and cardholder data at an individual user level (including privileged users with root access). The WhatsUp Log Management solution addresses both Windows event log and Syslog environments, ensuring single platform control of log management strategies. The solution and its component products provide easy access to auditable data and reports. Compliance officers and auditors can therefore quickly verify that the right processes are in place and that the required details about each event (e.g. user name, success / failure, event type etc.) are being collected. |
| 10.5 | WhatsUp Event Alarm, WhatsUp Event Archiver, WhatsUp Event Analyst | WhatsUp Event Archiver supports event log data storage with separate MD5 cryptographic hashing that prevents any kind of tampering. Remote collection and import mechanisms are supported, enabling the build out of a central repository for event log data. Role-based privileges based on custom domain configurations ensure that access is provided to administrators only on an as-needed basis. |
| 10.6 | WhatsUp Event Alarm, WhatsUp Event Analyst, WhatsUp Event Rover | WhatsUp Log Management products provide the capability for near-real-time monitoring and incident detection, routine log review as well as detailed forensic analysis in support of breach investigations. Easy to build and share HTML reporting ensures that all stakeholders are aware of compliance related status and pertinent event data on a regular basis or as needed. |
| 10.7 | WhatsUp Event Archiver, WhatsUp Event Alarm, WhatsUp Event Analyst | Audit trail data can be stored for multiple years as per organizational policies and filtered, correlated and reported at any time to support standard compliance reporting and breach investigations. |

WhatsUp Gold Infrastructure Management Solution & PCI Compliance

With single platform coverage for network, system and application components and in-depth visibility into fault, performance, flow monitoring and device configuration management, the WhatsUp Gold platform and its fully integrated plug-ins deliver powerful support for the processes required to ensure PCI DSS compliance. Merchants, Service Providers and independent auditors can benefit from WhatsUp Gold data on network topology, access point connectivity, current configuration details and the status of monitored devices and processes required under the standard.

The following table provides some illustrative examples of how WhatsUp Gold along with related plug-ins facilitates network and cardholder data security as per the PCI DSS requirements:

| PCI DSS Requirements | WhatsUp Gold Products | How PCI DSS Requirement is Addressed |
|---|---|---|
| 1.1, 1.2, 1.3, 2.2, 5.1, 11.1 | WhatsUp Gold | WhatsUp Gold can perform a complete layer 2 and 3 network discovery and mapping of all connected devices and systems including wireless access points. Once discovery is completed, a topology map with device-to-device connectivity is automatically generated. The topology maps help identify where the database is located in the topology and detail its VLAN membership. The discovery process also identifies all active / disabled server ports and, with the appropriate instrumentation, captures and reports on all running applications on target hosts. |
| 1.2, 2.2 | WhatsUp Gold + WhatsConfigured | The WhatsConfigured plugin securely accesses, stores, monitors and manages all changes to device configuration files. It allows stored startup and running configuration files to be easily compared to ensure integrity and immediately alerts if changes are detected. It also allows for automated change management processes for password / credential updates based on adopted information security policy guidelines. |
| 1.3 | WhatsUp Gold + Flow Monitor | WhatsUp Gold's Flow Monitor identifies and reports on all traffic traveling over the network, including source-destination pairs and types of communication protocols for any monitored interface. This enables the detection of unidentified or undesirable protocols, and also ensures that inbound Internet traffic is only accessing specified IP addresses within the DMZ. |
| 7.1 | WhatsUp Gold | WhatsUp Gold allows the setup of role-based privileges to view and configure network monitoring actions and data only on a business need-to-know basis. |