NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

PCI-DSS scan fail

1 Topic

FVS318Gv2 fails PCI-DSS scans
We use these for gateway to gateway vpn connections between remote offices and the main office. No real issues there now, until they failed a Trustwave scan because of Netgear's built-in certificate on port 443. The Netgear cert only uses a public key length of 1024 with 64 bit blocks. We have also discovered the the Netgear equipment only uses SSL2, SSL3, and TLS1 all of which are obsolete. I know I can disable remote access to the configuration interface and pass the PCI-DSS scan, but then I have to drive to the remote locations to read their log files and make any needed config updates. On the VPN side we use 2048 bit certificates with no issues showing up. At this point I'm looking at my options in the event I have to change hardware vendors, something I'd rather not do.
Solved
TCD-Experea
Dec 18, 2016 Place Business Pro Routers
5.4KViews
0likes
6Comments