The GIS K1+/K3 wireless gateway devices are configured differently to the GIS-R-series
gateway devices. Configuration changes may be necessary for the GIS-K1+/K3 to provide
all the desired features required for the business network.
Several different network configurations are possible when installing the GIS-K1+/K3. It is
important to recognize that restrictions are placed on the network design if the network
has any computer point-of-sale terminal that is used to process credit card information.
The Payment Card Industry Data Security Standard (PCI DSS) requires all
businesses to ensure that credit card information is protected, by preventing unauthorized
access via the network, using one or more firewall products.
Network designs have two points of entry for hackers who try to steal credit card
information from point of sale computers. The first point of entry is through the Internet
connection. The outbound Internet connection is required to process credit card
information. However the inbound direction has to be blocked to prevent hackers using the
internet to access the point of sale computers.
The second point of entry is through any wireless access point that is provided for guests
and visitors to get Internet access. The PCI DSS standards recommend that two separate
Internet circuits should be used: one for the point of sale system, and on for the public
guest Internet network.
One Internet circuit can be used when firewall devices are installed to protect the point of
sale system from attack. A firewall however is only as good as the person who configures
the firewall. It is necessary to take great care when writing the firewall rules to ensure that
no path exists for a possible attacker.
PCI DSS compliant network configurations are shown in the following figures. Additional
information about PCI DSS recommendations can be found at this URL.
https://www.pcisecuritystandards.org/security_standards/pci_dss_download_
agreement.html
To Next Page
Loading...
Need help?
General
