- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2017 10:23 AM
Has anyone set up discovery of payment card processing devices? Currently we are performing a monthly physical inventory but I would like to set up a discovery schedule to pick up these devices as a distinct CI - asset class. Thoughts on the best way to approach this task are welcome. Is a custom probe required?
Solved! Go to Solution.
- Labels:
-
Discovery
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-02-2017 12:28 AM
Hey, you're welcome... And I noticed your nice multi-language 'thank you', tailored for Switzerland!
Looking at the list of available probes, I would hope your devices all respond to SNMP protocol. (Simple Network Management Protocol - Wikipedia)
In this case you can use the generic 'SNMP - Identify' probe.
Your first task is to check how your devices respond to SNMP queries. There are lots of good tools for that, and you may have to ask your network engineer for assistance.
If that's the case, you will have to set SNMP support for Discovery and Create a Discovery CI classification.
Unfortunately, I will not be able to help you further, since I can't activate discovery on a dev instance. But this is a very interesting problem from my point of view, being a PCI DSS Security Officer and ServiceNow Implementation Specialist.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2017 11:12 AM
Hi Remi,
Are you speaking of dedicated card readers, computers used as POS or servers related to card holder data in the scope of PCI DSS?
Are those devices already picked by Discovery? Do you have softwares that you need to track too?
If they are not covered by the out of box list of probes (List of Discovery multi-probes) you will probably have to create one. Creating Custom Probes and Sensor for Discovery.
For PCI DSS audits, you may wish to have an easy way to list all CI in the scope. If they are of several classes, you could create a custom true/false flag at the root of the cmdb to link your CIs to your CDE.
P.S: I'm not a Discovery expert, but I was a PCI DSS Security Officer for 2 years.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-01-2017 02:26 PM
Hi Shiva,thanks for your answer. We are looking at tracking point of sale device card reader devices like the First Data FD130. I don't think they are currently being picked up by discovery. I was wondering if someone knows if one of the existing probe types is suitable for this purpose.
Merci/Danke/Grazie!
Remi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-02-2017 12:28 AM
Hey, you're welcome... And I noticed your nice multi-language 'thank you', tailored for Switzerland!
Looking at the list of available probes, I would hope your devices all respond to SNMP protocol. (Simple Network Management Protocol - Wikipedia)
In this case you can use the generic 'SNMP - Identify' probe.
Your first task is to check how your devices respond to SNMP queries. There are lots of good tools for that, and you may have to ask your network engineer for assistance.
If that's the case, you will have to set SNMP support for Discovery and Create a Discovery CI classification.
Unfortunately, I will not be able to help you further, since I can't activate discovery on a dev instance. But this is a very interesting problem from my point of view, being a PCI DSS Security Officer and ServiceNow Implementation Specialist.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-02-2017 10:36 AM
Thanks Shiva! I'll update this thread later with what I learn. Thanks for pointing me in the right direction.
Remi
