Chapter 7 – PCI DSS Compliance

Compliance

This FortiOS Handbook chapter contains the following sections:

Configuring FortiGate units for PCI DSS compliance on page 797 explains the Payment Card Industry Data Security Standard (PCI DSS). It provides information about configuring your network and FortiGate unit to help you comply with PCI DSS requirements.

FortiOS 5.4 PCI DSS compliance new features

Vulnerability Scanning has been removed (293156)

Vulnerability scanning can now be done from FortiClient.

PCI DSS Compliance Check Support (270014)

FortiOS 5.4 allows you to run a compliance check either on demand or according to a schedule that automatically checks PCI DSS compliance at the global or VDOM level. The compliance check determines whether the FortiGate is compliant with each PCI DSS requirement by displaying an ‘X’ next to the non-compliant entries in the GUI logs.

Go to System > Advanced > Compliance, turn on compliance checking and configure a daily time to run the compliance check. Or you can select Run Now to run the compliance check on demand.

Go to Log & Report > Compliance Events to view compliance checking log messages that show the results of running compliance checks.