Smart Firewall and PCI-DSS Compliance

Hey guys,
with regard to " To receive the full benefits of the Sangoma Smart Firewall, you should ensure that no other firewall is intercepting traffic to this machine. This is normally accomplished by configuring your internet connection to place this machine in the ‘DMZ’ of your gateway.

If you are unable to do this, it is unlikely that Responsive Firewall will work correctly, if at all."

Has anyone run into problems achieving PCI-DSS compliance on their broadband with this configuration?

The real question is, why would you need both? If you already have a firewall that needs to meet PCI-DSS compliance then it can handle protecting your PBX and making the PBX firewall moot.

The "responsive firewall’ refers specifically to the feature where inbound signaling packets from unregistered source IPs are counted/filtered/blocked. For responsive to work correctly, the assumption is that nothing else is blocking incoming signaling. All other firewall features should work as expected assuming you don’t have anything else that is also directly configuring iptables on the PBX. Certainly having a PBX behind an external hardware firewall/router is a very common configuration and is known to generally work as expected.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.