×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
We were thinking of a separate partition, or a new Power 710,
then using DDM to access the data.
A separate partition and a new 710 are over-kill; you don't need to spend that much. And DDM will cause performance problems. Here's a good overview of PCI requirements:
http://www.pcicomplianceguide.org/pci-basics.php
And here is a detailed explanation of the intent of each requirement:
https://www.pcisecuritystandards.org/documents/navigating_dss_v20.pdf
I would suggest using a pair of $100/each routers to establish a DMZ. Route HTTP traffic from the DMZ to an IBM i HTTP / HTTPS instance serving as a "reverse-proxy" and general web server, which in turn routes CGI or PHP (or whatever) I/O to a separate IBM i HTTP instance on a separate IP address and port. That type of configuration clearly meets both the "letter" and intent of numerous points in the standard, without extra server hardware.
If you want to get pedantic, you could run your HTTP / HTTPS reverse-proxy under Linux on commodity hardware in the DMZ.
Feel free to contact me off-line if you'd like help with such a configuration.
-Nathan
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
