Accessing the PCI DSS Fixlet sites

Before you can access the security configuration checklists that are related to PCI DSS, you must acquire the sites and accept the license agreement. After you acquire the site, you must gather the contents of the site to your console. You must also subscribe your computers to the site so that they can access the PCI DSS content.

Before you begin

If you have enabled any of the PCI DSS beta sites in your environment, you must first remove them to avoid any conflicting issues with the production sites. If you fail to do so, the content in the production sites will fail.

About this task

You can access the PCI DSS sites only if you have a valid license for the HCL BigFix Compliance PCI Add-on component. For details about getting a license, contact HCL Software Support.

The procedure for acquiring the PCI DSS sites and gathering the contents of the site is similar to the procedure for other BigFix applications and sites. You can subscribe to a PCI DSS site by using the License Overview Dashboard from the BigFix Management domain only if you have purchased the license.


  1. From the BigFix console, go to the BigFix Management domain and click License Overview.
  2. Scroll down to the PCI DSS Security and Compliance section of the License Overview dashboard.
    Note: The PCI DSS Security and Compliance section will only be visible if you have purchased the license.
  3. Click Enable beside the PCI DSS sites that you want to your computers to subscribe to.
    The site is added as an external site in the HCL BigFix Console. It typically takes a few minutes for the contents to become available on your system.
    Figure 1. License Overview dashboard

    License Overview dashboard
  4. Go to the Security Configuration domain.
  5. Click All Security Configuration > Sites > External Sites, and then click the added site.
  6. Click the Computer Subscriptions tab to subscribe the computers to a site.
    Note: Limit the access to the site to only the computers that you want to be able to use the PCI DSS checklists.