- Community Home
- >
- Servers and Operating Systems
- >
- HPE BladeSystem
- >
- BladeSystem - General
- >
- Re: Blade systems and PCI
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-11-2012 04:47 AM
10-11-2012 04:47 AM
Blade systems and PCI
Morning Guys,
I'm sure that many of you are being plagued by the current rush for PCI compliance. First of all, let me say that I am not a network guy, or a windows/proliant guy, nor do I have the skills of the professional hacker.
As part of the compliance requirements, I have already shut off all of the Telnet access and forced SSH sessions only, to the various module and OA CLI's, however my Network Guy came to see me with a Network Scan indicating that many of the modules were still allowing FTP protocol sessions.
Now if I recall, FTP is used in the firmware update process, and possible other places behind the scenes, and so I am a bit leery about turning it off (even if I knew how). I have also argued that there are limited uses for FTP as a portal into the Flex10 administration, however as I meantioned above, I dont know enough to be able to argue that this does NOT represent a vunerability. In any case, PCI is PCI, as far as I understand it, their dictates are non-negotiable.
If anyone has come up against this issue, would you be prepared to share how you have handled it, I would really appreciate it.
Thank to all.
Dave.
- Tags:
- ftp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-29-2012 10:57 PM
11-29-2012 10:57 PM
Re: Blade systems and PCI
Keep in mind you should have OA/VC/iLO on a dedicated subnet and you can use standard Layer 3 firewall ACLs to limit access and in a pinch put a jump box on that subnet with VCSU installed on it.
Just keep in mind the role of PCI is to keep the CC DATA protected and not everything has to be water tight.