Firewall Rules Analyzer

DORITA technology helps you comply with PCI DSS certification

A service that allows to perform, through the configuration(s) of the firewall(s), a review of the rules and generates html files as a result, with the detail of each rule analyzed. The new PCI DSS 4.0 version requests a review every six months. This information, in addition to determining whether or not it complies with PCI DSS certification, provides a summary table of the findings and another of the public and private IP addresses, PCI and NOPCI found in the review.

Main benefits of DORITA

PCI DSS compliance assistance

To know the reliable and unreliable networks.

PCI DSS 4.0 requirements that this technology provides information on

1.2.5 All permitted services, protocols and ports are identified, approved and have a defined business need.

1.2.7 NSC configurations are reviewed at least once every six months to confirm that they are relevant and efficient.

1.3.1 Inbound traffic to the CDE is restricted as follows:

Only to the necessary traffic.
All other traffic is explicitly denied.

1.3.2 Outgoing traffic from the CDE is restricted as follows:

Only to the necessary traffic.
All other traffic is explicitly denied.

1.4.1 NSCs are implemented between trusted and untrusted networks.

1.4.2 Incoming traffic from untrusted networks to trusted networks is restricted to:

Communications with system components authorized to provide public access services, protocols and ports.
Responses to communications previously initiated by system components on a trusted network.
All other traffic is denied.

1.4.4 System components that store cardholder data are not directly accessible from untrusted networks.

informe DORITA — Report that notes the rules that are or are not complied with, based on the scope indicated by the client.

Contact us

Send us an email to info@botech.info or fill out the following contact form.