Product Documentation

Discussions Whitelisting for PCI ASV Scan

Thread Info

State Not Answered
Locked Locked
Replies 2 replies
Subscribers 8 subscribers
Views 2329 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Whitelisting for PCI ASV Scan

Badrobot over 2 years ago

Currently I could find no articles on the preferred method for Whitelisting a PCI ASV Scanner on the XG Firewall, given the number of businesses that are PCI compliant I would think there would be a general tutorial that outlines how to add the scanners IP's, where to place them in the firewall rules and how other rules and or aspects may also affect the outcome.

This thread was automatically locked due to age.

0 FloSupport over 2 years ago

Hi Badrobot

Thank you for reaching out to submit your idea!

I'll forward this over to our KBA team for their consideration.

Regards,

Florentino
Global Community Manager, Support & Services
Are you a Sophos Partner? | Product Documentation | @SophosSupport | Sign up for SMS Alerts
If a post solves your question, please use the 'Verify Answer' button.

The New Home of Sophos Support Videos! - Visit Sophos Techvids
Cancel
Up 0 Down

Cancel
0 Badrobot over 2 years ago

I should add that you need to create a new firewall rule for the scanners IP addresses or FQDN, disable all security measures and place it at the top of the rule list.

If you do not do this scanners may flag you for firewall interference, see https://www.tenable.com/plugins/nessus/96281 once this was flagged Tenable would not pass the PCI attestation.

Respectfully,

Badrobot
Cancel
Up 0 Down

Cancel