Educause Security Discussion mailing list archives
Re: PCI
From: Paul Kendall <PKendall () ACCUDATASYSTEMS COM>
Date: Mon, 27 Jun 2011 09:44:56 -0500
Not True. It may mean you have to change your scheduling for performing scanning if you have large network segments, but it can definitely be done. Paul L. Kendall =================================== Paul L. Kendall, CGEIT, CISM, CISSP, CSSLP Certified HIPAA Professional Certified HIPAA Security Specialist PCI Qualified Security Assessor Senior Consultant - Assessments & Compliance Main 281.897.5000 | Direct 817.496.6450 | Cell 713.446.5259 | http://www.accudatasystems.com<http://www.accudatasystems.com/> Tower Three Galleria | 13155 Noel Road, Suite 920 | Dallas, TX 75240 [cid:image001.gif@01CC34AE.DF7DA8D0]<http://www.facebook.com/accudatasystems> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jacobson, Dick Sent: Monday, June 27, 2011 9:41 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] PCI I attended a IPv6 seminar last week and am wondering if I heard something correctly. This did not register with me until after the seminar and since the seminar I have been looking for an email address for Johannes Ullirich (the instructor), but have not found one, and asked a few people around here about this. I have not been able to get a half-way-confident answer so I am bringing the question here. I think I heard that on an IPv6 network, you can not be PCI compliant because (I think) the size of the address space makes it impossible to scan in a timely manner, as required. Does this question make sense ? Any comments/thoughts for me ?