0 Replies Latest reply on Feb 13, 2014 10:01 AM by penoffd

    Logging WMI Events from a PCI Compliant Server

    penoffd

      We are in the process of deploying a server that is in a segmented network that is PCI compliant due to its need to handle credit card transactions.  Is there a "best practices" approach to connecting to it with the SIEM either directly or using the agent and maintaining PCI compliance?

       

      Our understanding of PCI would indicate this is not possible without the SIEM being in scope.

       

      Our thinking is to set up some form of syslog server in the segmented network and having the SIEM poll it for the logs, which would take the SIEM out of scope.

       

      ??