PCI-DSS Compliant Service Oriented Infrastructure

The payment card industry data security standards (PCI-DSS) requires increased controls of cardholder information to minimize credit card fraud. Although PCI-DSS compliance is specific to the payment industry, the principles of securing user or subscriber information from leaks or cyber attacks apply to most service providers, enterprises and governments. Such principles have been core to the Layer 7 Gateway solution since its inception.

With its runtime policy enforcement and application level awareness, the Layer 7 Gateway is becoming a preferred component of your PCI-DSS compliant infrastructure. Acting at the perimeter of a service zone, the Layer 7 Gateway authenticates, authorizes and encrypts communications with external entities. Through various pattern recognition mechanisms, the Layer 7 Gateway inspects outgoing messages to filter out unwanted cardholder information leaking from internal systems.

With version 6.0 of the Layer 7 Gateway, Layer 7 Technologies goes beyond encryption and information scrubbing to provide PCI-DSS specific functionality such as a new auditing subsystem which facilitates the obfuscation of card holder information from system logs and audit traces. Version 6.0 of the Layer 7 Gateway also now includes a PCI-DSS Secure Implementation Guide (SIG) manual which covers all the PCI-DSS compliance related settings (you can find this manual from our support portal).


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: