top of page
< Back

1.3.7 PCI DSS (v3.2.1)

Compliance Standard

Compliance Version

Control ID

PCI DSS

(v3.2.1)

1.3.7

Requirement 1: Install and maintain a firewall configuration to protect cardholder data. Establish and implement firewall and router configuration standards

(v3.2.1)

Do not disclose private IP addresses and routing information to unauthorized parties.

Note: Methods to obscure IP addressing may include, but are not limited to:
• Network Address Translation (NAT)
• Placing servers containing cardholder data behind proxy servers/firewalls,
• Removal or filtering of route advertisements for private networks that employ registered addressing,
• Internal use of RFC1918 address space instead of registered addresses.

bottom of page