Home
Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
Using checks and checklists
The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
Viewing checks from BigFix Compliance Analytics
The compliance status of each PCI DSS check and checklist is calculated by BigFix Compliance Analytics during a periodic Extract Transform and Load (ETL) process.

Payment Card Industry (PCI) Add-on User Guide
BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Overview
  HCL BigFix Compliance PCI Add-on is a new chargeable component that provides security configuration checklists that are based on the Payment Card Industry Data Security Standard (PCI DSS). These compliance checks are designed to help ensure continuous compliance at every endpoint in your organization.
- Setup
  Complete configuration steps to access the PCI DSS checklists and checks and ensure accurate relevance evaluation on the endpoints.
- Using checks and checklists
  The check Fixlets in Configuration Management checklists assess an endpoint against a configuration standard. Many check Fixlets have a corresponding analysis, sometimes referred to as measured values, that report the value of the element that the check Fixlet evaluates.
  - Viewing check Fixlets from the HCL BigFix console
    A check Fixlet becomes relevant when a client computer is out of compliance with a configuration standard. By viewing the Configuration Management Fixlets, Console Operators can identify non-compliant computers and the corresponding standards.
  - Viewing checks from BigFix Compliance Analytics
    The compliance status of each PCI DSS check and checklist is calculated by BigFix Compliance Analytics during a periodic Extract Transform and Load (ETL) process.
  - Creating custom checklists
    Create custom copies of the PCI DSS content if you want to modify the checks based on a specific corporate policy. You can manually create a custom site to host the PCI DSS checklists or use the Create Custom Checklist wizard to create copies of the PCI DSS checklists and save them in a custom site.
  - Modifying check parameters
    In addition to monitoring compliance status and remediating settings that are out of compliance, you can also modify the values for the defined configuration settings according to company policies.
  - Remediating configuration settings
    The PCI DSS checklists support remediation. Console operators can resolve a vulnerability issue with a single action. A remediation action can only be taken on an endpoint where the Fixlet is relevant.
- Understanding the results in BigFix Compliance Analytics
  Use BigFix Compliance Analytics (formerly known as Security and Compliance Analytics or SCA) to navigate and explore security configuration check results.
- Resources
  You can find more information about Security Configuration Management and PCI DSS in the following resources.

Viewing checks from BigFix Compliance Analytics

The compliance status of each PCI DSS check and checklist is calculated by BigFix Compliance Analytics during a periodic Extract Transform and Load (ETL) process.

BigFix Compliance Analytics provides report views and tools for managing the vulnerability of PCI DSS checks.

The PCI DSS checks that are activated in the HCL BigFix console are evaluated on each computer in your deployment and returns a status of pass, fail, or not applicable to BigFix Compliance Analytics.

Each computer also reports computer properties and analysis values, such as check measured values that are active in your deployment. Check results are aggregated by the BigFix Compliance Analytics server and augmented by computer properties and analysis values to provide compliance overviews and detailed lists of results.

For more information about how the checks are presented in different compliance reports, see Understanding the results in BigFix Compliance Analytics.