This topic is ONLY relevant to security gateways. It is NOT relevant to managed switches.
Overview
The PCI DSS Summary page (Fig. 1) in the PCI DSS menu of the Configure section of the Central Management System (CMS) displays a summary of Payment Card Industry Data Security Standard (PCI DSS) compliance for the selected Mako. Here you can see at a glance whether or not you need to take any actions to maintain compliance.
You must have a valid PCI DSS License before you can use this page. See the Licenses documentation for details regarding adding a license.
Merchant PCI Services
In addition to providing secure equipment and configuration options for making your network PCI-compliant, Mako now offers Merchant PCI services to assist you with completing quarterly network vulnerability scans and annual Self-Assessment Questionnaire (SAQ) submissions necessary for demonstrating compliance.
Some features on this page are only available with Mako’s Merchant PCI services. You must have both an active PCI DSS License and an active PCI Enhanced Services License in order to access Merchant PCI services. See the Licenses documentation for details regarding adding a license.
Merchant PCI services require installation of a dedicated scanning appliance in your network and application of firewall settings that allow it to scan restricted zones.
Summary Areas
PCI Template
Before you can address any other summary area or access any PCI DSS settings, you must first have the PCI Template applied to the selected Mako. Use the PCI Template page to create an end-to-end, secure network chain in compliance with PCI DSS. You typically will not see any other issues in this summary area once the template has been applied.
Vulnerability Scans
The Vulnerability Scans page allows you to run quarterly vulnerability scans on your network to identify and resolve any issues and to demonstrate compliance. You can request to run a scan as soon as possible or set a schedule for running scans in the future. There is also a history of past scan activity.
You must pass quarterly network vulnerability scans to be PCI-compliant.
This feature is only available with Mako’s Merchant PCI services.
AP Scans
The AP Scans page allows you to run access point (AP) scans on and around your network to identify and review every wireless access point in your area to demonstrate PCI DSS compliance. You can set a schedule for running automated AP scans and configure related alerts. There is also a summary of AP scan results.
You must review AP scans quarterly to be PCI-compliant.
This feature is only available with Mako’s Merchant PCI services.
Configuration Review
The Configuration Review page allows you to review the current configuration of the selected Mako and includes links to the appropriate CMS pages for managing these settings. If you have applied the PCI Template to the selected Mako, you can also record a configuration review here.
You must review the Mako’s configuration at least once every six months to be PCI-compliant.
SAQ
After you have resolved issues in all other summary areas, use the SAQ page to create and submit your annual SAQ to demonstrate compliance. You can use SAQ settings, SAQ Templates, and SAQ Groups to encourage consistent responses and reduce repetitive entry.
You must submit an annual SAQ to be PCI-compliant.
This feature is only available with Mako’s Merchant PCI services.