Run Reports for PCI DSS Requirements

The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and contains a number of requirements that must be met.

XIA Configuration Server provides a broad spectrum of configuration and security information within its configuration management database (CMDB) which helps to support PCI DSS.

In addition, specific reports have been created that assist you in providing information aligned to the PCI DSS requirements.

XIA Configuration Server has helped us with reporting and evidence gathering aspects of the PCI-DSS process and has provided valuable insight into systems that have not met specific PCI-DSS requirements for remediation purposes.

The software is light on system resources and requirements, and is great for IT audits and other system checks to ensure that required systems are in line with PCI-DSS requirements.

The version comparison feature provides proof against change controls and provides a great time-saving advantage on otherwise tedious admin overhead.

The CENTREL Solutions team is dedicated to providing service excellence and provides product enhancements to keep up with our growing demands.

Shimmy Garoeb
System Administrator (IT Operations)

Requirement 2.1

2.1 Always change vendor-supplied defaults and remove or disable unnecessary default accounts before installing a system on the network.

XIA Configuration Server includes the report 'Always change default passwords (Windows SNMP)' which allows you to see the SNMP community strings assigned to Windows PCs and servers in the environment and highlights systems using the default read or write community strings.

'Always change default passwords' report

Requirement 2.2.1

2.2.1 Implement only one primary function per server.

XIA Configuration Server provides the ability to view what functions (roles) a server is providing.

Screenshot of server functions

Report

This information is accessed in the reporting section which allows servers running multiple functions to be easily identified.

'Implement only one primary function per server' report

Requirement 8.1.4

8.1.4 Remove/disable inactive user accounts within 90 days.

The XIA Configuration Client can be configured to automatically gather information about Active Directory user accounts, including their last logon information. This allows an administrator to easily identify enabled but inactive computer accounts.

'Remove / disable inactive user accounts' report

Requirement 8.1.6

8.1.6 Limit repeated access attempts by locking out the user ID after not more than six attempts.

Account lockout policy information is gathered directly from each server and workstation by the XIA Configuration Client and can be viewed on a machine-by-machine basis.

Screenshot of account lockout policy settings

Report

This information can also be accessed within the reporting section which allows both servers and workstations that do not comply to be easily identified.

'Account lockout' report

Requirement 8.1.7

8.1.7 Set the lockout duration to a minimum of 30 minutes or until an administrator enables the user ID.

This requirement is covered within the same report as requirement 8.1.6.

Requirement 8.2.3

8.2.3 Passwords/phrases must meet the following: Require a minimum length of at least seven characters. Contain both numeric and alphabetic characters.

Password policy information is gathered directly from each server and workstation by the XIA Configuration Client and can be viewed on a machine-by-machine basis.

Screenshot of password policy settings

Report

This information can also be accessed within the reporting section which allows both servers and workstations that do not comply to be easily identified.

'Passwords/phrases must meet the requirements' report

Requirement 8.2.4

8.2.4 Change user passwords/passphrases at least every 90 days.

This setting can be reported on both for machines within the environment and for fine-grained password policies configured for Active Directory domains within the environment.

'Change user passwords at least every 90 days' report

Requirement 8.2.5

8.2.5 Do not allow an individual to submit a new password/phrase that is the same as any of the last four passwords/phrases he or she has used.

This setting can be reported on both for machines within the environment and for fine-grained password policies configured for Active Directory domains within the environment.

'Do not allow passwords that are the same as any of the previous four' report
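
The thresholds quoted for requirements 8.1.6 to 8.2.5 can be checked together against collected policy values, as in this added example (not XIA Configuration Server code or output). The record fields and host names are hypothetical, and the zero-value meanings follow the Windows local security policy settings.

```python
from dataclasses import dataclass

@dataclass
class AccountPolicy:           # hypothetical schema, not the product's export format
    host: str
    lockout_threshold: int     # failed logons before lockout; 0 = never lock out
    lockout_minutes: int       # 0 = stay locked until an administrator unlocks
    min_length: int
    complexity: bool           # Windows "must meet complexity requirements"
    max_age_days: int          # 0 = passwords never expire
    history: int               # previous passwords remembered

def pci_findings(p: AccountPolicy) -> dict:
    """Map each failed PCI DSS requirement number to the reason it failed."""
    found = {}
    # 8.1.6: a threshold of 0 disables lockout, so it fails despite being "<= 6".
    if p.lockout_threshold == 0 or p.lockout_threshold > 6:
        found["8.1.6"] = f"lockout threshold is {p.lockout_threshold}"
    # 8.1.7: 0 means "until an administrator unlocks", which satisfies the rule.
    # Skipped when lockout is disabled; 8.1.6 already reports that.
    elif 0 < p.lockout_minutes < 30:
        found["8.1.7"] = f"lockout lasts only {p.lockout_minutes} minutes"
    # 8.2.3: length, plus complexity as the nearest Windows setting (assumption:
    # it requires 3 of 5 character classes, so it cannot prove a digit is present).
    if p.min_length < 7 or not p.complexity:
        found["8.2.3"] = f"min length {p.min_length}, complexity {p.complexity}"
    # 8.2.4: 0 means never expire, which is worse than any finite age.
    if p.max_age_days == 0 or p.max_age_days > 90:
        found["8.2.4"] = f"maximum password age is {p.max_age_days} days"
    # 8.2.5: at least the last four passwords must be remembered.
    if p.history < 4:
        found["8.2.5"] = f"only {p.history} previous passwords remembered"
    return found

# Constructed sample records for illustration only.
SAMPLE = [
    AccountPolicy("srv-ok", 5, 30, 8, True, 90, 4),
    AccountPolicy("srv-nolock", 0, 15, 7, True, 0, 24),
    AccountPolicy("ws-weak", 6, 0, 6, False, 120, 3),
    AccountPolicy("ws-short-lock", 3, 10, 12, True, 60, 10),
]

def failing_hosts(policies):
    """Return {host: sorted failed requirement numbers} for non-compliant hosts."""
    result = {p.host: sorted(pci_findings(p)) for p in policies}
    return {host: reqs for host, reqs in result.items() if reqs}

if __name__ == "__main__":
    for host, reqs in failing_hosts(SAMPLE).items():
        print(host, reqs)
```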

Requirement 10.4.1

10.4.1 Critical systems have the correct and consistent time.

Windows

XIA Configuration Server can automatically detect the Windows Time configuration for Windows servers and workstations in the environment.

'Synchronize all critical system clocks (Windows)' report

ESX

Similar information is also available for VMware ESX hosts.

'Synchronize all critical system clocks (ESX)' report
