The PCI Compliance page is available only for the Enterprise License users.
Access the PCI Compliance
- In the navigation panel on the left of the Homepage, select Security > PCI Compliance.
- The PCI Compliance window appears. Select the required scope, the corresponding entity, and the duration for which you require the data. Click Assess.
- The PCI Compliance page appears.
PCI Compliance page details
The PCI Compliance page helps in assessing compliance against the PCI requirements only in the NSX environment. These requirements are mentioned under the first pin in the dashboard. The rest of the pins in the dashboard that provide data for the assessment of these requirements are as follows:
- Network flow diagram: It shows the data flow, firewalls, connections, and other details associated with a network.
- Flows: It lists the flows that you view in the network flow diagram.
- Clear text protocol flows based on the destination port: The traffic that flows on certain ports are in clear text. This pin displays the clear text protocol flows based on a particular destination port.
- Virtual machines in scope: It shows the virtual machines in the scope that you have selected in the query. This pin shows the outgoing rules, incoming rules, and security groups for virtual machines in that scope.
- Security groups of virtual machines: It lists the security groups of the virtual machines.
- Virtual machine count by Security Groups: You can view the list of the virtual machines in a security group by clicking Count in this pin.
- Virtual machine count by Security Tags: You can view the list of virtual machines with security tags by clicking Count in this pin.
- Firewall rules applied on internal traffic : You can view the firewall rules for the traffic between the virtual machines within the selected scope.
- Firewall rules applied on incoming traffic: You can view the firewall rules for the traffic that is coming from a virtual machine outside the scope to the virtual machine within the selected scope.
- Firewall rules applied on outgoing traffic: You can view the firewall rules for the traffic that is going to a virtual machine outside the scope from the virtual machine within the selected scope.
- Security tag membership changes: The changes related to the membership for security tags are shown in this pin.
- Security group membership changes: The changes related to the membership of a security group are shown in this pin.
- Firewall rule changes: The changes related to any firewall rule is listed in this pin.
Note: If NSX has nested security groups, then the scope of PCI Compliance should be other than security group.