Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Many parts of requirement 1 such as your wireless network or router setup do not directly relate to HCL Commerce, but the requirements that relate to your site topology are extremely important. You must construct your HCL Commerce site so that you never store cardholder data on internet-accessible systems. Additionally, HCL Commerce sites should always use firewalls to separate themselves from the internet, internal networks, and any other system that is accessible to the internet. Refer directly to the PCI DSS for details on this requirement.
- Section 1 of the PCI-DSS requires that customers and resellers/integrators use a firewall or a personal firewall product if the computer is connected using VPN or other high-speed connections, in order to secure these "always-on" connections.
- If a wireless network is in place, install a firewall between the wireless network and the
cardholder data system as per PCI DSS Requirement 1.2.3:
Install perimeter firewalls between any wireless networks and the cardholder data environment, and configure these firewalls to deny or control (if such traffic is necessary for business purposes) any traffic from the wireless environment into the cardholder data environment.