What's new in PCI DSS content update release
HCL BigFix Compliance PCI Add-on provides additional support and enhancement in the recent update.
For a detailed list of releases, see the PCI DSS Release Notes.
PCI DSS Policy Reporting
The new PCI DSS Policy reporting, which is available in BigFix Compliance Analytics V1.9,
identifies the level of compliance for each system within an entire organization based on a specific
PCI DSS requirement or PCI DSS milestone. It also provides a report which shows an aggregated view
of compliance data across all PCI DSS checklists. To view the available policy reporting, see PCI DSS policies.
Note: BigFix Compliance PCI Add-on provides the
PCI DSS Reporting site to allow you to use the Policy feature in BigFix
Compliance Analytics V1.9. This site contains the metadata file required for creating the PCI DSS
Requirements and Milestones based reports.
Important: You must complete a few
other prerequisites before you can use the PCI DSS Policy reporting. For more information, see Setting up the PCI DSS Policy Reports for BigFix Compliance Analytics V1.9 and later.
The PCI DSS Policy reporting enables the following users to prepare and manage compliance for PCI DSS:
- Compliance Managers can generate reports from a requirements perspective to prepare for the audit report in accordance with the guidelines provided by the PCI Security Standards Council.
- Compliance Managers and organizations can use the milestone report views during early PCI DSS adoption to understand compliance posture and prioritize actions.
- IT Managers can map the compliance data to specific computers and assign corresponding personnel to remediate non-compliant checks.
Additional operating system support
BigFix Compliance PCI Add-on continues to expand its support coverage. The following operating
systems have been recently supported:
- Windows Server 2016
- The PCI DSS Checklist for Windows 2016 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your Windows Server 2016 endpoints according to PCI DSS.
- Solaris 10 and Solaris 11
- The PCI DSS Checklist for Solaris 10 and PCI DSS Checklist for Solaris 11 are based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your Solaris endpoints according to PCI DSS.
- CentOS 6 and CentOS 7
- Checks for CentOS 6 are now supported in the PCI DSS Checklist for RHEL 6, while checks for CentOS 7 are now supported in the PCI DSS Checklist for RHEL 7. The checks are based on the existing RHEL 6 and RHEL 7 checks.
- AIX 6.1
- The PCI DSS Checklist for AIX 6 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your AIX 6.1 endpoints according to PCI DSS.
- AIX 7.2
- The PCI DSS Checklist for AIX 7 is based on the guidance provided by the Payment Card Industry Data Security Standard (PCI DSS) v3.2 and contains security configuration checks that evaluate the security settings of your AIX 7.2 endpoints according to PCI DSS.
Remedation support for Windows 10, Windows 7, Windows 2012, Windows 2008, and AIX 7
The sites for these operating systems are updated to include more checks with remediation support, allowing BigFix operators to efficiently remediate a non-compliance issue with a single action.