Card Industry (PCI) Data Security Standard (DSS), version 1.2, consists of
twelve security criteria that most credit card companies require businesses who
accept online payments via credit and debit cards to meet. These criteria are
designed to prevent identity theft, hacking, and other types of fraud. If an
internet service provider or online merchant does not meet the PCI DSS
criteria, that ISP or merchant risks losing authorization to accept credit card
payments through its web site.
online merchants prove that they are in compliance with PCI DSS by having an
audit conducted by a PCI DSS Qualified Security Assessor (QSA) Company. The PCI
DSS report is designed to assist them both before and during the audit. Before
the audit, it shows which application firewall settings are relevant to PCI
DSS, how they should be configured, and (most important) whether your current
application firewall configuration meets the standard. During the audit, the
report can be used to demonstrate compliance with relevant PCI DSS criteria.
The PCI DSS
report consists of a list of those criteria that are relevant to your
application firewall configuration. Under each criterion, it lists your current
configuration options, indicates whether your current configuration complies
with the PCI DSS criterion, and explains how to configure the application
firewall so that your protected web site(s) will be in compliance with that
The PCI DSS
report is located under
Generate PCI DSS Report. Depending on your browser
settings, the report is displayed in the pop-up window or you are prompted to
save it to your hard disk.
. To generate the report as an
Adobe PDF file, click
Note: To view
this and other reports, you must have the Adobe Reader program installed on
The PCI DSS
report consists of the following sections:
Description. A description of the PCI DSS Compliance Summary
Firewall License and Feature Status. Tells you whether the
application firewall is licensed and enabled on your NetScaler appliance.
Executive Summary. A table that lists the PCI DSS criteria
and tells you which of those criteria are relevant to the application firewall.
Detailed PCI DSS Criteria Information. For each PCI DSS
criterion that is relevant to your application firewall configuration, the PCI
DSS report provides a section that contains information about whether your
configuration is currently in compliance and, if it is not, how to bring it
Configuration. Data for individual profiles, which you
access either by clicking
Application Firewall Configuration at the top of the
report, or directly from the
Reports pane. The Application Firewall Configuration
report is the same as the PCI DSS report, with the PCI DSS-specific summary
omitted, and is described below.