Kirk, I can't say that I understand the nuances of the system to the point of having any details to contribute, but after lots of trying to figure it out the thing that finally allowed us to pass the scan was to use a VPN. We open only the VPN ports and the ports required by the credit card machines. We use the Apple Server's VPN and an AirPort Extreme.
I did not think to ask the compliance people if I could register the standard 4D ports with them so that having those ports open would not trigger a violation. On the other hand, I think I read that credit card machines are supposed to be on a separate network anyway. A low speed DSL would work. Keith - CDI > On Sep 7, 2017, at 2:46 PM, Kirk Brooks via 4D_Tech <4d_tech@lists.4d.com> > wrote: > > If anyone has experience with successfully completing a PCI/DSS audit and > certification for your network, not just the 4D part, I would really > appreciate talking with you. Ping me off line. > > Thanks > > -- > Kirk Brooks > San Francisco, CA > ======================= > > *The only thing necessary for the triumph of evil is for good men to do > nothing.* > > *- Edmund Burke* > ********************************************************************** > 4D Internet Users Group (4D iNUG) > FAQ: http://lists.4d.com/faqnug.html > Archive: http://lists.4d.com/archives.html > Options: http://lists.4d.com/mailman/options/4d_tech > Unsub: mailto:4d_tech-unsubscr...@lists.4d.com > ********************************************************************** ********************************************************************** 4D Internet Users Group (4D iNUG) FAQ: http://lists.4d.com/faqnug.html Archive: http://lists.4d.com/archives.html Options: http://lists.4d.com/mailman/options/4d_tech Unsub: mailto:4d_tech-unsubscr...@lists.4d.com **********************************************************************
