Compliance Reports -- PCI

Report generated 2016-02-09 13:27:52 (America/Los_Angeles)

The Payment Card Industry Data Security Standard (PCI DSS) specifies requirements to make sure that your firewall provides a secure solution for your network and all payment card data that is transmitted through your network. The PCI DSS security requirements apply to all the components of your network that connect to the cardholder data environment. This PCI compliance report packages all the key information that you need from the firewall to monitor compliance issues in one convenient dashboard and report.

Prepared by PT Network Group - Your Partner for Smart and Secure Networks

UK Office Network Security Compliance Reports -- PCI

Device(s): webdemo (208.146.43.35) 80B002F27FEAC
From: 2015-08-17 00:00:00 (America/Los_Angeles)
To: 2015-08-20 00:00:00 (America/Los_Angeles)

Available Reports
Zero-Day Malware (APT) - Malicious Activity
Advanced Malware (APT) - Content Name
Gateway AntiVirus - Virus
Intrusion Prevention Service - Signature
Alarms Summary
Denied User Authentication Report
Audit Trail

Zero-Day Malware (APT) - Malicious Activity

PCI-DSS Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs

Malicious software, commonly referred to as "malware" -- including viruses, worms, and Trojans -- enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Additional anti-malware solutions may be considered as a supplement to the anti-virus software. APT Blocker is a supplemental solution that uses sandbox analysis to find "zero-day" exploits.
This report includes threats that were identified by APT Blocker as zero-day malware after they passed through the firewall.

[Bar chart: Hits by malicious activity]

| Malicious Activity | Hits | Hits (%) |
|---|---|---|
| Autostart: Registering a dll for automatic loading in user applications | 6 | 12.77 |
| Signature: Identified downware code | 5 | 10.64 |
| Settings: Registering a new browser helper | 5 | 10.64 |
| Network: Adware-related traffic observed | 5 | 10.64 |
| File: Modifying executable in user-shared data directory | 5 | 10.64 |
| Autostart: Registering a new service at startup | 5 | 10.64 |
| Autostart: Activating dll automatic loading in user applications | 5 | 10.64 |
| Settings: Modify ActiveX control restrictions | 4 | 8.51 |
| Reputation: Signed by Web Pick - Internet | 4 | 8.51 |
| File: Dropping executable with suspicious name | 3 | 6.38 |
| Total: 19 | 47 | |

Advanced Malware (APT) - Content Name

PCI-DSS Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs

Malicious software, commonly referred to as "malware" -- including viruses, worms, and Trojans -- enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Additional anti-malware solutions may be considered as a supplement to the anti-virus software. APT Blocker is a supplemental solution that uses sandbox analysis to find "zero-day" exploits.

This report includes advanced malware that was blocked at the firewall by the APT Blocker Subscription Service.
[Bar chart: Allowed and denied hits by content name]

| Content Name | Threat ID | Allowed Hits | Denied Hits | Hits (%) |
|---|---|---|---|---|
| lottery_winner | d485d789944e47199ca60374b8f94c3f | 0 | 2 | 66.67 |
| fedex_package | 0b4c4d9f016d454f9d9005f1bfd8207c | 0 | 1 | 33.33 |
| Total: 2 | | 0 | 3 | |

Gateway AntiVirus - Virus

PCI-DSS Requirement 5: Protect all systems against malware and regularly update anti-virus software or programs

Malicious software, commonly referred to as "malware" -- including viruses, worms, and Trojans -- enters the network during many business-approved activities including employee e-mail and use of the Internet, mobile computers, and storage devices, resulting in the exploitation of system vulnerabilities. Anti-virus software must be used on all systems commonly affected by malware to protect systems from current and evolving malicious software threats.

This report includes all viruses that were detected and blocked by your firewall.

[Bar chart: Number of Viruses by virus name]

| Virus | Allowed Hits | Denied Hits | Hits (%) |
|---|---|---|---|
| Luhe.MaZec.M | 0 | 15 | 51.72 |
| Inject2.CHBA | 0 | 7 | 24.14 |
| Luhe.MaZec.J | 0 | 5 | 17.24 |
| Inject2.CHDW | 0 | 2 | 6.9 |
| Total: 4 | 0 | 29 | |

Intrusion Prevention Service - Signature

PCI-DSS Requirement 11: Regularly test security systems and processes.

Vulnerabilities are being discovered continually by malicious individuals and researchers, and being introduced by new software.

11.4 Use intrusion-detection and/or intrusion-prevention techniques to detect and/or prevent intrusions into the network. Monitor all traffic at the perimeter of the cardholder data environment as well as at critical points in the cardholder data environment, and alert personnel to suspected compromises.
The Intrusion Prevention Service report includes all intrusion events that were detected and blocked by the firewall.

[Bar chart: Number of Intrusions by signature]

| Signature | Name | Allowed Hits | Denied Hits | Hits (%) |
|---|---|---|---|---|
| 1055396 | WEB Cross-site Scripting -9 | 0 | 1 | 100.0 |
| Total: 1 | | 0 | 1 | |

Alarms Summary

PCI-DSS Requirement
10.6.1 Review the following at least daily: All security events, Logs of all critical system components
6.4 Follow change control processes and procedures for all changes to system components.

Guidance: Daily review of security events -- for example, notifications or alerts that identify suspicious or anomalous activities -- as well as logs from critical system components, and logs from systems that perform security functions, such as firewalls, IDS/IPS, file-integrity monitoring (FIM) systems, etc. is necessary to identify potential issues.

The Alarms dashboard highlights any security events that triggered alarms or alerts configured on your firewall.

[Bar chart: Hits by alarm name]

| Alarm Name | Hits | Hits (%) |
|---|---|---|
| FTP-Client.2-px | 17 | 60.71 |
| APT | 6 | 21.43 |
| HTTP-Client.1-av | 2 | 7.14 |
| HTTP-Client.1-px | 2 | 7.14 |
| IPS | 1 | 3.57 |
| Total Rows: 5 | 28 | |

Denied User Authentication Report

PCI-DSS Requirement 10.2.4 Invalid logical access attempts

Guidance: Malicious individuals will often perform multiple access attempts on targeted systems. Multiple invalid login attempts may be an indication of an unauthorized user's attempts to "brute force" or guess a password.

This User Authentication report includes details about user access through your firewall, and specifies any denied authentication events.
| User | Location | Login Time | Reason |
|---|---|---|---|
| [email protected] | Gaston | 2015-08-17 11:04:28 | password is incorrect |
| [email protected] | Medusa | 2015-08-17 11:58:49 | password is incorrect |
| [email protected] | Medusa | 2015-08-17 12:02:24 | user doesn't exist |
| [email protected] | Medusa | 2015-08-17 12:02:27 | user doesn't exist |
| [email protected] | Medusa | 2015-08-17 12:02:36 | password is incorrect |
| [email protected] | Medusa | 2015-08-17 12:02:39 | password is incorrect |
| [email protected] | Medusa | 2015-08-17 12:02:47 | password is incorrect |
| [email protected] | Medusa | 2015-08-17 12:02:50 | password is incorrect |
| [email protected] | Gaston | 2015-08-17 14:50:22 | user doesn't exist |
| [email protected] | Gaston | 2015-08-17 14:50:30 | user doesn't exist |
| [email protected] | Ursula | 2015-08-18 10:39:08 | password is incorrect |
| [email protected] | Ursula | 2015-08-18 10:39:10 | password is incorrect |
| [email protected] | Ursula | 2015-08-18 10:39:12 | password is incorrect |
| [email protected] | Ursula | 2015-08-18 10:39:14 | password is incorrect |
| [email protected] | Medusa | 2015-08-18 11:19:01 | password is incorrect |

Total: 15

Audit Trail

Requirement 10: Track and monitor all access to network resources and cardholder data

10.2 Implement automated audit trails for all system components.

The Audit Trail report maintains a record of changes that have been made to the firewall configuration and who made them.
| Time | User | IP | Message |
|---|---|---|---|
| 2015-08-18 11:22:16 | admin@Dimension | 52.10.80.180 | modified Alias |
| 2015-08-18 11:22:16 | admin@Dimension | 52.10.80.180 | modified Policy HTTP-proxy.accounting-00 |
| 2015-08-18 11:22:16 | admin@Dimension | 52.10.80.180 | modified Policy |
| 2015-08-18 11:22:16 | admin@Dimension | 52.10.80.180 | modified Alias HTTP-proxy.accounting.1.to |
| 2015-08-18 11:22:16 | admin@Dimension | 52.10.80.180 | modified Alias HTTP-proxy.accounting.1.from |
| 2015-08-18 11:24:34 | admin@Dimension | 52.10.80.180 | modified Alias |
| 2015-08-18 11:24:34 | admin@Dimension | 52.10.80.180 | added Policy SMTP-proxy-00 |
| 2015-08-18 11:24:34 | admin@Dimension | 52.10.80.180 | added Alias SMTP-proxy.1.to |
| 2015-08-18 11:24:34 | admin@Dimension | 52.10.80.180 | added Alias SMTP-proxy.1.from |
| 2015-08-18 11:24:34 | admin@Dimension | 52.10.80.180 | modified Policy |
| 2015-08-18 11:24:50 | admin@Dimension | 52.10.80.180 | modified Alias FTP-proxy.1.from |
| 2015-08-18 11:24:50 | admin@Dimension | 52.10.80.180 | modified Policy FTP-proxy-00 |
| 2015-08-18 11:24:50 | admin@Dimension | 52.10.80.180 | modified Policy |
| 2015-08-18 11:24:50 | admin@Dimension | 52.10.80.180 | modified Alias FTP-proxy.1.to |
| 2015-08-18 11:24:50 | admin@Dimension | 52.10.80.180 | modified Alias |

Total: 15