PCI Scan Results Report for Individual Host
The PCI Scan combines the Security Scan Results Report for Individual Host with some internal configuration checks (e.g. if anti-virus is used, if firewall is used, correct usage of password history, if screensaver password is used etc.).
Note - The PCI scan also looks for PAN scan results data in order to comply with PCI DSS requirements (information and results are displayed in the PCI DSS Details section (described below) which has a requirement covering PAN data). For this scan to work effectively (and use current data) you need to run the PAN scan first, otherwise only the most recent PAN results will be used.
The Scan Results report for this scan shows:
- PCI DSS Summary - Displays either Pass or Fail for:
- The PCI-specific configuration checks. Metrics display those settings that have passed (In Place), those that have failed (Not in Place) and those that were skipped (Not Evaluated) for whatever reason.
- The patch policy and vulnerability checks (from the Security scan). Metrics show the severity of the vulnerability, (high, medium or low) based on the CVSS score. See Patch Policy and Vulnerability Severity Rating and CVSS Score for more info.
- PCI DSS Details - Lists PCI DSS requirements, originating from the Security Standards Council to find at risk data. Details include:
- Requirement background and details.
- Testing Procedures - Steps to test for compliance.
- Results - The results of each associated check - either Compliant or Not Compliant (with the requirement).
- Making Sure You Are Compliant - Compliance information relating to the associated requirement.
- Vulnerability Summary - Graph shows vulnerability count by severity and % of vulnerabilities by vendor. See Patch Policy and Vulnerability Severity Rating and CVSS Score for more info.
- Vulnerability by Vendor Details - List of failed checks for each OS and vendor - and how to fix.
- Vulnerability Details - Includes Vulnerability Policy Details and Patch Policy Details - and instruction on how to fix/update.
- Network Port Details - Displays listening TCP/IP ports on your system. Listening ports indicate that a service is listening for external communication from a remote computer.
- Review the list of open ports to determine if they are absolutely necessary.
- Disable any unnecessary services to reduce the risk of compromise from malware or attackers. We recommend that you back up your system before making any changes.
- Your local IT administrator will be able to provide you with guidance on managing your network ports.