1.3.5 Do not allow unauthorized
outbound traffic from the cardholder
data environment to the Internet.
1.3.5 Examine firewall and router configurations to verify that
outbound traffic from the cardholder data environment to the
Internet is explicitly authorized.
All traffic outbound from the cardholder data
environment should be evaluated to ensure that it
follows established, authorized rules. Connections
should be inspected to restrict traffic to only
authorized communications (for example by
restricting source/destination addresses/ports,
and/or blocking of content).