The Barracuda Web App Firewall assists organizations of all types that store, process and/or transmit credit card numbers, comply with the Payment Card Industry Data Security Standard (PCI DSS) requirements. In response to increased identity theft incidents and security breaches, major credit card companies collaborated in Sept. 2006 to create the 12 procedural and system requirements, commonly known as PCI DSS version 1.1, to standardize how to store and access Primary Account Number (PAN) information.

Most immediate for today’s merchants and organizations is Section 6.6 of the PCI DSS compliance deadline on June 30, 2008, addressing the development and maintenance of secure systems and applications. Section 6.6 mandates all enterprise and Web applications handling credit card and account information must undergo an extensive audit of all custom application code that can be time consuming, labor intensive and a costly process to visit and revisit with each change to the application code. The alternative to satisfy PCI DSS Section 6.6 compliance is simply installing a Web application firewall.
Payment Card Industry Data Security Standard (PCI DSS) Requirements

The 12 PCI DSS requirements are organized into 6 main categories. To be fully compliant, an organization must satisfy all 12 requirements.

  • Maintain a Secure Network: Requirements 1 and 2
    • Install and maintain a firewall configuration to protect cardholder data
    • Do not use vendor-supplied defaults for system passwords and other security parameters
  • Protect Cardholder Data: Requirements 3 and 4
    • Protect stored cardholder data
    • Encrypt transmission of cardholder data across open, public networks
  • Maintain a Vulnerability Management Program: Requirements 5 and 6
    • Use and regularly update anti-virus software
    • Develop and maintain secure systems and applications
  • Implement Strong Access Controls: Requirements 7, 8, and 9
    • Restrict access to cardholder data by business need-to-know
    • Assign a unique ID to each person with computer access
    • Restrict physical access to cardholder data
  • Regularly Monitor and Test Networks: Requirements 10 and 11
    • Track and monitor all access to network resources and cardholder data
    • Regularly test security systems and processes
  • Maintain an Information Security Policy: Requirement 12
    • Maintain a policy that addresses information security

Source: PCI Security Standards version 1.1 - http://www.PCISecurityStandards.org.

Barracuda Networks Enables PCI DSS Compliance
The Barracuda Web App Firewall is designed as an easy and cost-effective solution to achieve PCI DSS compliance. In addition to satisfying the time-sensitive need to install a Web application firewall into your network for PCI DSS Section 6.6 compliance, the Barracuda Web App Firewall further ensures PCI DSS compliance with a host of other advanced technologies.

The Barracuda Web App Firewall enables PCI DSS compliance across major requirements:


PCI DSS section 6.5 is perhaps the most significant set of detailed requirements as it addresses application vulnerability, including coding guidelines, such as those outlined by Open Web Application Security Project (OWASP). The Barracuda Web App Firewall directly addresses each of the requirements in section 6.5.

Products | Purchase Online | Subscription Renewal | Promotions | Freebies | Support | Contact Us
Copyright © 2010 Securicore Inc. All rights reserved. Privacy Policy.
All Registered Trademarks on this site are the property of the respective owners.

Go to the main page