Wireless Access Point
595
The Xirrus AP PCI Compliance Configuration
The check list below is designed to help ensure that APs are configured in a
manner that is supportive of PCI Data Security Standards. Detailed configuration
steps for each item are found in the referenced section of the User’s Guide.
Xirrus AP Configuration for PCI DSS See...
( )
( )
Register at the Xirrus Support Site to ensure
notification and access to software updates.
Confirm that the latest version of AOS is being
used by checking the Xirrus web site.
support.xirrus.com
( ) Enable PCI Mode after configuring the AP in a PCI
compliant state to ensure configuration changes
cannot be saved that would invalidate a PCI
compliant configuration. This item is covered on
the following pages.
The pci-audit
Command, p. 596
( ) Allow only necessary protocols and networks to be
accessed by configuring your corporate firewall or
using the internal AP firewall.
Filters, p. 389
( )
( )
( )
( )
( )
( )
Change the default Admin account password.
Remove any unnecessary admin or user accounts.
Change the SNMP community string from the
default password.
Use WPA2 and 802.1x authentication.
Change default SSID to a user-defined SSID.
Disable SSID broadcast for all PCI compliant
SSIDs.
Express Setup, p. 163
Admin Management,
p. 230
SNMP, p. 197
SSIDs, p. 267 and
Global Settings, p. 249
SSIDs, p. 267
SSIDs, p. 267
( )
( )
( )
Enable Secure Shell (ssh) for CLI (command line)
access.
Confirm telnet access is disabled (done by default).
Confirm management over the wireless network is
disabled.
Management Control,
p. 237
Global Settings, p. 318
To Next Page
Loading...
