Ask your questions for Eli and the rest of the Silicon Discourse community here.  Build your reputation by giving advice to others too!



What is the requirement or good practice for being PCI compliance looking at a firewall stands point?

I currently have a SonicWall in place at a restaurant, with CFS and NAT rules in place for the POS Server only. The NAT rules are only allowing traffic from specific IP from the outside world. The CFS is for blocking employees that will randomly jump onto the server to check email get on special media, or whatever they do.


I’d stay 100 miles away from PCI compliance at this point.  Upgrade the system so that someone else is handling the credit cards, whether it’s through Square, or a credit card terminal.

It’s just not worth the risk anymore…