User Guide
Wi-Fi Array
Appendix D: Implementing Security Standards 421
Appendix D: Implementing Security
Standards
This Appendix discusses two security standards which are supported by the
Wi-Fi Array, and discusses their implementation.
z Implementing PCI DSS on the Wi-Fi Array
z Implementing FIPS Security on the Wi-Fi Array
Implementing PCI DSS on the Wi-Fi Array
The Payment Card Industry (PCI) Data Security Standard (DSS) was developed
by major credit card companies to help those that process credit card transactions
(or cardholder information) in order to secure cardholder information and protect
it from unauthorized access, fraud and other security issues. It lays out a set of
requirements that must be met in order to provide adequate security for sensitive
data.
Implementation of PCI DSS on the Wi-Fi Array is described in the Xirrus White
Paper, PCI Data Security Standard, available on the Xirrus web site. This
document:
z Lists the specific requirements of PCI DSS for wireless networking.
z Describes how these requirements are satisfied by the Wi-Fi Array.
z Provides a Checklist of the exact steps that must be taken in order to
deploy the Array in accordance with PCI DSS.
The pci-audit Command
The Array provides a CLI command, pci-audit, that will check whether the
Array’s configuration satisfies PCI DSS wireless requirements. This command
does not change any parameters, but will inform you of any violations that exist.
Furthermore, the command pci-audit enable will monitor changes that you make
to the Array’s configuration in CLI or the WMI, and warn you (and issue a Syslog
message) if the change violates PCI DSS requirements. Use this command in
conjunction with the Xirrus Array Configuration Checklist in the White Paper to
ensure that you are using the Array in accordance with the PCI DSS requirements.