Aruba Networks Introduces PCI Compliance Reporting in New Suite

— February 04, 2009

Aruba Networks, Inc, a global leader in wireless LANs and secure mobility solutions, today announced the release of AirWave Wireless Management Suite 6.2. The new management suite includes Payment Card Industry (PCI) Data Security Standard (DSS) compliance reporting. The PCI standard defines security guidelines for merchants and service providers that store, process and transmit cardholder data. The newly introduced in-depth compliance reporting feature evaluates individual managed devices against several PCI requirements to validate that safeguards are working as intended. The report also summarizes any intrusions detected by the wireless intrusion protection system, as well as any detected rogue wireless access points.

"Enforcing strong access controls and audit trails around sensitive data and systems can provide a compliance-compensating control," said Avivah Litan, VP Distinguished Analyst at Gartner. The "deny all except what is absolutely required" dogma should be adhered to.Security audits should be conducted continuously or as frequently as possible, and not be limited just to what's required by PCI."

Besides PCI compliance reporting, the AirWave Suite 6.2 includes several additional new security and monitoring features including among others:

  • Enhanced rogue access point detection and workflow, including additional levels of rogue classification;
  • RADIUS authentication for administrators to address the PCI requirement that allsystems adhere to centralized AAA, use strong passwords, rotate passwords
  • regularly, and maintain an external audit trail;
  • SSID-based statistics collection and report filtering for tracking the migration ofdevices away from WEP to PCI-compliant security methods;
  • Monitoring support for Cisco 871 Routers.
In addition to the AirWave management products, Aruba offers integrated security and wireless/wired access solutions that meet or exceed the wireless LAN-specific security requirements in the latest PCI DSS v1.2. Merchants using an Aruba networking solution can cost-effectively implement the security controls required for PCI compliance without compromising the performance of business applications or upgrading legacy networks.

"Firewalls, encryption, authentication, and wireless intrusion detection are mandated for use with all wireless LANs in the latest PCI standard, and the new report makes quick work of assessing important elements of compliance with the standard,"said Bryan Wargo, general manager of Aruba's AirWave division. "The newest PCI standard defines testing methodologies intended to ensure that the twelve major steps for securing payment account information have been satisfied. Undertaking these tests manually is time consuming, inefficient, and prone to human error. AirWave Suite 6.2 automates much of this work,encouraging users to run reports on a frequent basis so that issues can be identified and corrected faster. Given the monetary penalties out-of-compliance violations, AirWave Suite 6.2 will offer welcome relief to merchants."

A new white paper, Security Is In The Air, that describes how merchants can comply with the newest PCI DSS Version 1.2 standard, can be downloaded from Aruba's Web site.


comments powered by Disqus

RATE THIS CONTENT (5 Being the Best)

Current rating: 0 (0 ratings)



Must See


What Enterprise Apps Need Now

Mobile Enterprise explores how companies across all segments are increasingly leveraging mobile apps to enhance productivity for everyone, from field service workers to C-level executives.