- Achieve Traceability and Secure Handling of Log data
The Payment Card Industry Security Standard is a joint standard, accepted and adopted by Visa, MasterCard, American Express, Diners Card and JCB. The standard describes how credit card numbers and transaction information should be handled. This includes any kind of credit card transaction, whether by post, by telephone or in e-shops. The overall purpose of PCI is to ensure that card and transaction data is handled securely so that no unauthorised personnel can access the information.
What does op5 LogServer do to help you comply with the PCI standard?
The op5 LogServer is the perfect way to collect, store and search all the necessary log data created by the large number of systems and hardware involved in card transactions. This includes logs from firewalls, authentication applications, web servers, ERP systems etc. All logs are automatically forwarded to the central op5 LogServer, where they are stored in a SQL database. This enables both traceability and centralized, secure storage of the sensitive log data. Efficient and secure handling of log data is a key component of complying with the PCI Security Standards. That is exactly what you will achieve, easily and cost-effectively, with op5 LogServer.
Who is affected by PCI and how?
The PCI standard applies to all companies handling credit cards. The standard stipulates some basic criteria:
| Level | Criteria | On Site Audit | Self Assessment | Network Security Scan |
|---|---|---|---|---|
| 1 | Companies with more than 6 million card transactions. | Yearly | No | Quarterly |
| 2 | Companies with 1-6 million card transactions | No | Yearly | Quarterly |
| 3 | Companies with 20k to 1 million card transactions | No | Yearly | Quarterly |
| 4 | The rest, below 30k transactions | No | Recommended yearly | Recommended yearly |
Using op5 LogServer to comply with the PCI Standard.
The standard includes a full set of rules and regulations covering technical aspects as well as processes and procedures. For the complete list please see: https://www.pcisecuritystandards.org/security_standards/pci_dss_download.html
The op5 LogServer is the supporting solution for complying with the following requirements:
Regularly Monitor and Test Networks
- Requirement 10: Track and monitor all access to network resources and cardholder data
- Requirement 11: Regularly test security systems and processes
R10 and R11 include multiple tasks that can be broken down into three main categories:
- Performing the actual logging tasks
- Reading the logs and creating the necessary actions
- Notifications
Smart Log Buffering - Make sure not to lose any logs
A lost log is not acceptable. Unfortunately, networks can break, connections can be congested etc. op5 LogServer supports Smart Log Buffering.
This means that logs can be buffered in two places:
- Client to server - buffer logs locally if there is no connection to the LogServer.
- Server to database - buffer the received logs on disk before inserting them into the database.
What PCI Requirements does the op5 Network Management Suite Meet?
The architecture of the op5 Network Management Suite (op5 NMS) includes our three products:
Based on the requirements detailed in the Payment Card Industry (PCI) Data Security Standard, Version 1.1, Release: September, 2006 (the latest published), op5 fully supports the requirements shown in the list below.

op5 LogServer security features
op5 LogServer supports UDP and TCP log traffic between the logging host and the central LogServer. We also support TLS-based encryption and X.509 certificate authentication.
Summary
The op5 LogServer provides the necessary functionality for upholding the PCI requirements as set forth in v1.1. In the specific events where a notification is required, this can be supported either by op5 Monitor or by any 3rd party management software able to perform the tasks.
For further information please contact us on +46-8-23 02 25 or info@op5.com, www.op5.com
Sources: The PCI Security Standard: https://www.pcisecuritystandards.org/index.shtml