Web Application Firewall PCI DSS Compliance

The Barracuda Web Application Firewall helps organizations of all types that store, process and/or transmit credit card numbers, comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements. In response to increased identity theft incidents and security breaches, major credit card companies collaborated in Sept. 2006 to create the 12 procedural and system requirements, commonly known as PCI DSS version 1.1, to standardize how to store and access Primary Account Number (PAN) information.

Most immediate for today's merchants and organizations is Section 6.6 of the PCI DSS compliance deadline on June 30, 2008, addressing the development and maintenance of secure systems and applications. Section 6.6 mandates all enterprise and Web applications handling credit card and account information must undergo an extensive audit of all custom application code that can be time consuming, labor intensive and a costly process to visit and revisit with each change to the application code. The alternative to satisfy PCI DSS Section 6.6 compliance is simply installing a Web application firewall.

Barracuda Web Application Firewall PCI Deployment

Payment Card Industry Data Security Standard (PCI DSS) Requirements

The 12 PCI DSS requirements are organized into 6 main categories. To be fully compliant, an organization must satisfy all 12 requirements.

Maintain a Secure Network: Requirements 1 and 2
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data: Requirements 3 and 4
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program: Requirements 5 and 6
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
Implement Strong Access Controls: Requirements 7, 8, and 9
- Restrict access to cardholder data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
Regularly Monitor and Test Networks: Requirements 10 and 11
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy: Requirement 12
- Maintain a policy that addresses information security

Source: PCI Security Standards version 1.1 - http://www.PCISecurityStandards.org.

Barracuda Networks Enables PCI DSS Compliance

The Barracuda Web Application Firewall is designed as an easy and cost-effective solution to achieve PCI DSS compliance. In addition to satisfying the time-sensitive need to install a Web application firewall into your network for PCI DSS Section 6.6 compliance, the Barracuda Web Application Firewall further ensures PCI DSS compliance with a host of other advanced technologies.

The Barracuda Web Application Firewall enables PCI DSS compliance across major requirements:

Requirement	Barracuda Web Application Firewall
1 - Install a Firewall	Acts as a Web application firewall
3 - Protect data	Proxies Web traffic and insulates Web servers from direct access by attackers
4 - Encryption	Provides easy SSL encryption even if the application or server does not enable SSL
6 - Protect Against Vulnerabilities	Blocks known and zero-day attacks as well as the industry-accepted top 10 Web application vulnerabilities for custom development, legacy and third-party applications
7 - Restrict Access	Provides role-based administration to security policies
10 - Track and Monitor Access	Logs and reports application access and security violations

PCI DSS section 6.5 is perhaps the most significant set of detailed requirements as it addresses application vulnerability, including coding guidelines, such as those outlined by Open Web Application Security Project (OWASP). The Barracuda Web Application Firewall directly addresses each of the requirements in section 6.5.

Requirement	Barracuda Web Application Firewall
6.5.1 Unvalidated input (i.e., hidden field manipulation)	Validates incoming and outgoing session content against legitimate application behavior and usage
6.5.2 Broken access control (i.e., malicious use of user IDs)	Prevents cookie tampering and corruption of an application's access control system
6.5.3 Broken authentication and session management (i.e. cookie tampering, session hijacking)	Automatically encrypts session cookies and assigns unique session-IDs to ensure secure user sessions
6.5.4 Cross-site scripting (XSS) attacks	Inspects and verifies user input and incoming requests for any malicious code before forwarding it to backend servers
6.5.5 Buffer overflows	Detects and prevents attempts via the header or input fields to exceed memory capacity
6.5.6 Injection flaws (i.e., SQL injection)	Validates legitimacy of all Web requests and code accessing backend systems
6.5.7 Improper error handling	Cloaks Web application infrastructure from hackers attempting to expose vulnerabilities in error response and other messages
6.5.8 Insecure storage	Filters and intercepts outbound traffic to prevent transmission of sensitive information, such as passwords, credit card numbers, account records or proprietary information
6.5.9 Application Denial of service (DoS)	Slows down access requests to the Web site if a violation is detected, preventing application DoS attacks
6.5.10 Insecure configuration management	Proxies all inbound and outbound Web traffic to neutralize any configuration vulnerabilities

Important Web Application Firewall Links:

Buy Web Application Firewall Request Evaluation Unit Product Overview

Features Model Specifications Deployment Configurations

Web Demo (LIVE) FAQs Documentation

0 Items In Cart
Total: $0.00
Checkout Now

Barracuda Products:

Barracuda Spam & Virus Firewall Barracuda Spam & Virus Firewall

Barracuda Link Balancer Barracuda Link Balancer

Buy Now Barracuda 230 Barracuda 330 Barracuda 430

Request an Evaluation Unit Subscriptions

Link Balancer Overview Features Models Deployment Administration Interface Screenshots Web Demo (Live) Datasheet

Documentation FAQs Barracuda Training

Barracuda SSL VPN Barracuda SSL VPN

Buy Now Barracuda 180 Barracuda 280 Barracuda 380 Barracuda 480 Barracuda 680

Help Me Choose Request an Evaluation Unit

SSL VPN Overview Features Models Deployment Administration Web Demo (Live) Datasheet

Documentation Barracuda Training

Yosemite Backup Solution Yosemite Backup Solution

Buy Now Desktop/Laptop Desktop/Laptop Enterprise Server Backup Server Backup Plus Server Backup SBS/EBS Server Backup Unlimited

Server Backup Overview Features Deployment Specifications Web Demo Video Datasheet

Desktop Backup Overview Deployment Specifications

Barracuda Training

CudaTel Communication Server CudaTel Communication Server

Buy Now Request an Evaluation Unit CudaTel 270 CudaTel 370 CudaTel 470 CudaTel 670

CudaTel Overview Features Models Screen Shots Datasheet

PureWire Web Security PureWire Web Security

Buy Now Master Accounts Service Adapters Overview Deployment PureWire Trust BlackBerry Users Mobile Users Remote Users Specifications Screen Shots Datasheet

Looking for a Spam Firewall?

Download our "Barracuda Buyer's Guide" now we'll walk you through the process!

Additional Information:

Attend a Webinar Barracuda Training

Anti-Spam Technology Anti-Spyware Technology Anti-Virus Technology Barracuda Central

News & Articles Product Documentation Case Studies Trade-Up Program

BarracudaNetworks.ca is maintained by Optrics Engineering, a division of Optrics Inc. Optrics Engineering is an authorized Barracuda Networks Diamond Partner and network-solutions specialist. Optrics Engineering offers full complementary presales support, live product demonstrations and post-sales assistance and training for Barracuda Products.

Canada
6810 - 104 St.
Edmonton, AB, Canada
T6H 2L6
Fax: 780-432-5630
Toll Free: 1-877-463-7638
Direct: 1-780-430-6240

U.S.A.
1740 S 300 West #10
Clearfield, UT, U.S.A.
84015-3575
Fax: 801-705-3150
Toll Free: 1-877-386-3763
Direct: 1-780-430-6240

Email Us: info@BarracudaNetworks.ca