1.2 Build firewall and router
configurations that restrict connections
between untrusted networks and any
system components in the cardholder
data environment.
Note: An “untrusted network” is any
network that is external to the networks
belonging to the entity under review,
and/or which is out of the entity’s ability
to control or manage.
1.2 Examine firewall and router configurations and perform the
following to verify that connections are restricted between
untrusted networks and system components in the cardholder
data environment:
It is essential to install network protection between
the internal, trusted network and any untrusted
network that is external and/or out of the entity’s
ability to control or manage. Failure to implement
this measure correctly results in the entity being
vulnerable to unauthorized access by malicious
individuals or software.
For firewall functionality to be effective, it must be
properly configured to control and/or limit traffic
into and out of the entity’s network.