Enables streamlined review of all active desktop firewall rules at predetermined regular intervals |
Section 1.1.7 of the PCI DSS mandates regular review process to happen every 6 months in order to cleanup outdated rules and ensure that the current rules allow only authorized ports and services according to established business justifications. This query shows all the rules configured on desktop firewalls to facilitates centralized and streamlined review process by the PCI implementation personnel. You can the output of this query to create documentation necessary to prove that regular 6-month reviews did actually happen and the responsible personnel has complete understanding of the rules being used.
Also according to PCI DSS implementation guidelines, organizations with a large number of changes to firewall rules may perform firewall rule reviews more frequently, in order to maintain the rule sets adequate to the current needs of the business.
Sign-up for Action1 Free Edition to receive real-time alerts and view instant data from your endpoints, such as alert on 1.1.7.b: Review of Firewall Rules Every 6 Months created, deleted or modified or run live or scheduled queries with the ability to export to CSV or Excel. Action1 Endpoint Security Platform is entirely SaaS, with online web interface (no management tools to install) and it has zero cost for basic functionality. Running in the Cloud, Action1 discovers all of your endpoints in seconds and you can query your entire network in plain English.
Endpoint configuration management in the Cloud
Manage endpoint configuration using plain English from the Cloud. Such as type 'Windows services' or 'reboot computer'.
Get results instantly from live systems and run automated actions.
Related Alerts and Reports:
1.1.1.b: All Network Connections
Pulls a list of all network connections configured on the endpoints
1.1.1.c: Desktop Firewall Configurations
View current configuration of Windows Firewall on multiple computers at once
1.1.2.a: Diagram of Network Connections
View all network connections between Cardholder Data Environment and other networks
1.1.4.c: Verify Firewall is Active
Check status of desktop firewall on all the workstations at once
1.1.6.a: All Services, Protocols, Ports
View all services, protocols and ports used on all the endpoints
1.1.6.c: Insecure Services, Protocols, Ports
Shows all known insecure services, protocols and ports, according to known standards, used on endpoints
Find more information on 1.1.7.b: Review of Firewall Rules Every 6 Months at Microsoft TechNet.