Castleforce IT Security Team

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data

Logging mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong. Determining the cause of a compromise is very difficult without system activity logs.


10.1 Establish a process for linking all access to system components (especially access done with administrative privileges such as root) to each individual user.

10.2 Implement automated audit trails for all system components to reconstruct the following events:

  • 10.2.1 All individual accesses to cardholder data
  • 10.2.2 All actions taken by any individual with root or administrative privileges
  • 10.2.3 Access to all audit trails
  • 10.2.4 Invalid logical access attempts
  • 10.2.5 Use of identification and authentication mechanisms
  • 10.2.6 Initialization of the audit logs
  • 10.2.7 Creation and deletion of system-level objects

10.3 Record at least the following audit trail entries for all system components for each event:

  • 10.3.1 User identification
  • 10.3.2 Type of event
  • 10.3.3 Date and time
  • 10.3.4 Success or failure indication
  • 10.3.5 Origination of event
  • 10.3.6 Identity or name of affected data, system component, or resource

10.4 Synchronize all critical system clocks and times.

10.5 Secure audit trails so they cannot be altered.

  • 10.5.1 Limit viewing of audit trails to those with a job-related need.
  • 10.5.2 Protect audit trail files from unauthorized modifications.
  • 10.5.3 Promptly back up audit trail files to a centralized log server or media that is difficult to alter.

Audit Tracking

Bit9 provides application whitelisting, real-time configuration audit, and change control. Bit9 Application Whitelisting can help reduce the burden of compliance through streamlined audits, activity monitoring, violation notification, and policy enforcement.

For more details on Bit9 

Protect Card Holder Data

nuBridges protects data at rest and in transit. nuBridges Protect is designed to make it easier for IT to make your operations PCI DSS compliant. Here are just a few examples:

  • No database or file layout changes required — encrypt a 16-digit credit card number without changing your pre-defined file layout, your application screens, or your reports
  • No database downtime during encryption: encryption processes run in the background, allowing high-availability systems to remain active

Supports two data protection methods:

  1. Distributed encryption with centralized key management that does not require a persistent connection between the hub and the spokes – the optimum in performance and availability;
  2. Format Preserving Tokenization™ with central data vault

Lumension Risk Manager provides a comprehensive view across hundreds of global regulations, mandates and internal policies, improving the efficiency of controls and reducing risk. Lumension Risk Manager helps create an IT Asset Catalog with comprehensive resource types: going beyond just IP-addressable assets, all resource types are included, such as applications, databases, servers, networks, data centers, people and processes.

For more details on Lumension Risk Manager

Contact Castleforce for help with PCI DSS

PCI DSS Core Principles

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organised:

Requirement 1: Install and maintain a firewall configuration to protect cardholder data

Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters 

Requirement 3: Protect stored cardholder data

Requirement 4: Encrypt transmission of cardholder data across open, public networks

Requirement 5: Use and regularly update anti-virus software

Requirement 6: Develop and maintain secure systems and applications

Requirement 7: Restrict access to cardholder data by business need-to-know

Requirement 8: Assign a unique ID to each person with computer access

Requirement 9: Restrict physical access to cardholder data

Requirement 11: Regularly test security systems and processes

Requirement 12: Maintain a policy that addresses information security

Log Management Software

Assuria Auditor measures, manages and enforces security policies, and Log Manager is designed to meet the requirements of enterprise-wide management of audit logs generated by systems, devices and applications. Assuria Log Manager (ALM) has achieved CESG CCTM approval and securely collects and manages audit logs to comply with regulations. The small-footprint ALM agents are available for Windows, UNIX and Linux servers, databases, applications, network devices, firewalls, routers, access control systems and many more. Collection from new log sources can be added via agent plug-ins. Collected logs are stored in their original format in a standard file/folder structure, with log data integrity ensured through digital signatures and cryptographic hashes.

For more details on Assuria Log Manager

Log Management Appliances

LogRhythm: integrated, enterprise-class log management, log analysis and event management solution. LogRhythm is an enterprise-class application that seamlessly combines Log & Event Management, File Integrity Monitoring and Endpoint Monitoring & Control into a single integrated solution. It is highly reliable, cost effective and easily scalable across any size enterprise. With LogRhythm, you can invest in a single solution to address needs and challenges throughout your organization, whether they are related to compliance, security or IT operations.

For more details on LogRhythm Single Integrated Appliances

LogLogic: log management and database activity monitoring. LogLogic Open Log Management: collect, normalize, index, store, and search log data automatically with our easy-to-deploy appliances or hosted solutions. Rapidly drill down into log details and create detailed reports with our built-in templates. All LogLogic appliances run on hardened Linux appliances that are designed to offer full log processing and archiving based on the number of Events Per Second (EPS) they are designed for.

For more details on LogLogic Log Management Appliances

Log Management SaaS

SureCloud SureGuard Vulnerability Management. SureCloud offers Log Management for network devices and servers in a managed service model via its SureGuard vulnerability manager portal.

For more details on the SureCloud SureGuard Log Management service