


From: Matt Olson
PCI is not focused on intel servers.

What about:

"2.2.1 Implement only one primary function per server to prevent functions that require different security levels from co-existing on the same server. (For example, web servers,  database servers, and DNS should be implemented on separate servers.)"

While there's no mention of Intel or Windows, PCI foments the idea that distributed application architecture is more secure, when in fact it is normally LESS secure because of the difficulty of administering multiple types of security, the disparity between security mechanisms, and the complexity of managing multiple environments.

Intel servers can perfectly house hundreds/thousands of applications
on a single box, just like the i.

You say Intel, but you must mean Windows or Linux wherein complex workloads tend to destabilize those environments.

However, most people choose not to as it's a single point
of failure.


That seems to support my assertion that complex workloads tend to cause Windows and Linux environments to fail. I'd be interested in hearing a rebuttal.

-Nathan




-----Original Message-----
From: DrFranken [mailto:midrange@xxxxxxxxxxxx]
Sent: Thursday, August 29, 2013 12:54 PM
To: Midrange Systems Technical Discussion
Subject: Re: iSeries public WEB access, PCI security issues

I agree, FUD.

I seem to recall that PCI says you cannot store Credit Card numbers for more than 3 days period and even if you do they must be encrypted. Most of the folks I work with that do Credit Card transactions store only the last four digits for any length of time.

And while I won't list them I know of MANY companies whose IBM i servers are connected directly to the internet with web and database on the same server. PCI seems to be interpreted to focus on Intel-based systems where proliferation of servers is needed to support staff size and Microsoft and Oracle revenue streams.


        - Larry "DrFranken" Bolhuis

www.frankeni.com
www.iDevCloud.com
www.iInTheCloud.com

On 8/28/2013 10:58 AM, rob@xxxxxxxxx wrote:

I question whether someone says PCI rules don't allow this as FUD
rather than fact.

You're probably not interested in how we serve up our publicly
accessible parts of our website that require logins for customers and
suppliers that are Domino based...


Rob Berendt



This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited.