1.1.3 Requirements for a firewall at each Internet connection and between any demilitarized zone (DMZ) and the internal network zone
1.1.3 Verify that firewall configuration standards include requirements for a firewall at each Internet connection and between any DMZ and the internal network zone. Verify that the current network diagram is consistent with the firewall configuration standards.
I have a small business with one server. The server is set up to be a terminal server and has all my applications on it, including the Point of Rental system, which is the front-end program that we use to make a sale and run credit cards. That program uses PC Charge as the back end to actually process the card. The Point of Rental program is PCI compliant and the PC Charge program is PCI compliant. The cardholder data is on the terminal server and it is encrypted. The terminals connect to the server by Remote Desktop Connection and, like I said, all the programs I use are on the server: email, Internet Explorer and such. Since the programs are on the same server, I have no way to run a DMZ. Is there any way to meet the 1.1.3 requirement with what I have described, or is it necessary, since the cardholder data is encrypted?
My Sonicwall allows me to create a separate DMZ just for the system receiving the credit card information and sending it to the gateway.
Since it’s in its own DMZ, does this render the other DMZ out of scope, if there is no form of communication between them?