jetNEXUS Application Firewall - JAF
Comply with PCI DSS standard requirements
What is PCI DSS?
The Payment Card Industry Data Security Standard (PCI DSS) was established by the PCI Security Standards Council, which consists of the leading credit card organisations. The Standard details security requirements for storing, processing or transmitting cardholder data. The latest PCI DSS version, 1.2, was released in October 2008 and is designed to enhance payment account data security.
What does PCI DSS require?
The Standard requires compliance with the following:
• Build and maintain a secure network
• Maintain a vulnerability management program
• Implement strong access control measures
• Maintain an information security policy
• Protect cardholder data
Merchants and (IT) service providers who process or store credit card data are advised to comply with PCI DSS. Non-compliance will lead to increasing transaction costs and/or fines or claims for damages (depending on the size of the organisation).
What does PCI DSS V1.2 say?
Requirement 6.6 of the latest PCI DSS version, 1.2, became compulsory in October 2008. It says:
Ensure that all web-facing applications are protected against known attacks by applying either of the following methods:
• Having all custom application code reviewed for common vulnerabilities by an organization that specializes in application security
• Installing an application layer firewall in front of web-facing applications
Deliver professional IT service provision
The jetNEXUS Application Firewall enables organisations to comply with PCI DSS.