PCI Requirement 1
Install and Maintain a Firewall Configuration
Welcome to PCI Requirement 1. Are you a merchant, service provider, or sub-service provider who stores, processes, or transmits cardholder data? If so, this is a great place to be introduced to the PCI DSS. In these videos, you will learn why the PCI DSS was developed, who participates in the PCI environment, what the 12 PCI DSS requirements are, and what the foundational elements of a PCI DSS engagement are.
PCI Requirement 1 focuses on installing and maintaining a firewall configuration in order to protect cardholder data. To comply with PCI Requirement 1, you’ll need to understand several aspects of firewall configuration. Our video resources outline change control programs, how to maintain network documentation, how to establish and maintain a secure firewall, what a DMZ is and how to segregate it from the Cardholder Data Environment (CDE), the roles and responsibilities of network management, inbound and outbound traffic rules, anti-spoofing measures, and more. Understanding these aspects of firewall configuration is vital when trying to protect your cardholder data. Click on a video below to get started with PCI Requirement 1.

Introduction to PCI DSS: What You Need to Know

The 12 PCI DSS Requirements

Establishing the Scope of Your Cardholder Data Environment

Policies, Procedures, and Standards

Introduction to PCI DSS Requirement 1

PCI DSS Requirement 1.1.4: Establishing a Firewall and DMZ

PCI DSS Requirement 1.1.5: Defining Roles and Responsibilities for Managing Network Components

PCI DSS Requirement 1.1.6: Documentation of Business Justification and Approval

PCI DSS Requirement 1.2: Restrict Connections to Untrusted Networks

PCI DSS Requirement 1.2.1: Restrict Traffic to that which is Necessary

PCI DSS Requirement 1.2.2: Secure and Synchronize Router Configuration Files

PCI DSS Requirement 1.2.3: Install Firewalls Between all Wireless Networks and the CDE

PCI DSS Requirement 1.3: Examine Firewall and Router Configurations

PCI DSS Requirement 1.3.1: Establishing a DMZ

PCI DSS Requirement 1.3.2: Limit Inbound Internet Traffic

PCI DSS Requirement 1.3.3: Implement Anti-Spoofing Measures

PCI DSS Requirement 1.3.4: Deny Unauthorized Outbound Traffic

PCI DSS Req 1.3.5: Permit Only Established Connections into the Network

PCI DSS Requirement 1.3.6: Segregate the CDE from the DMZ

PCI DSS Requirement 1.3.7: Do Not Disclose Private IP Addresses

PCI DSS Requirement 1.4: Install Personal Firewall Software
