top of page
< Back

1.3.7 PCI DSS (v3.2.1)

Compliance Standard

Compliance Version

Control ID




Requirement 1: Install and maintain a firewall configuration to protect cardholder data. Establish and implement firewall and router configuration standards


Do not disclose private IP addresses and routing information to unauthorized parties.

Note: Methods to obscure IP addressing may include, but are not limited to:
• Network Address Translation (NAT)
• Placing servers containing cardholder data behind proxy servers/firewalls,
• Removal or filtering of route advertisements for private networks that employ registered addressing,
• Internal use of RFC1918 address space instead of registered addresses.

bottom of page