Thales宣佈更換HSM及P3CM所使用的Smart Card,將不支援舊版韌體規格

Thales has launched a new smart card to store the Local Master Key components, and configuration details. This new smart card is compatible with all versions of HSM 8000 firmware from v2.4d onwards, and with P3CM-250 firmware supplied with P3 v1.7 onwards.

The previous smart card (known as a “PC3” card) continues to work with all RG7000s, HSM 8000s (all firmware versions), and P3CM-200/250 (all firmware versions). The table below indicates which smart cards operate with which versions of firmware:

HSM Model RG-7000 HSM 8000 P3CM
Firmware Version All Version V1.0a – V2.4c V2.4d – V1.0 – V1.6 V1.7 –
New Smart Card No No Yes No Yes
Old Smart Card Yes Yes Yes Yes Yes

HSM 8000 users

HSM 8000 firmware based on release v2.4d or later will work seamlessly with both new and old (PC3) smart cards. All existing PC3 cards in live environments (e.g. holding LMK components, stored configuration data, etc.) will continue to be valid indefinitely.

All new orders for HSM 8000 products will be shipped with the new smart cards – it is no longer possible to supply the older PC3 smart cards.

Customers who wish to order pre-v2.4d firmware (which will only support the PC3 smart card) should discuss this with their Thales account manager or Channel.

P3CM users

P3CM firmware that accompanies P3 release v1.7 or later will work seamlessly with both new and old (PC3) smart cards. All existing PC3 cards in live environments (e.g. holding LMK components, stored configuration data, etc.) will continue to remain valid indefinitely.

All new orders for P3CM-250 products will be shipped with the new smart cards – it is no longer possible to supply the older PC3 smart cards.

Customers who wish to order pre-v1.7 version of P3 (which will only support the PC3 smart card) should discuss this with their Thales account manager or Channel.

詳細訊息,請與亞利安科技聯絡:sales@ciphertech.com.tw

Imperva 加入PCI Security Standards Council,提供規範技術

[2007-09-17]應用資料安全及規範領導廠商iMPERVA,受邀參加由美國運通, Discover Financial Services, JCB, MasterCard Worldwide, and Visa國際所組成的PCI安全標準制定委員會(Payment Card Industry Security Standards Council ),這個委員會是一個全球性的組織,主要是邀請各頂尖業者來共同制定並參與PCI的執行。

(閱讀全文…)

Why iMPERVA?

針對iMPERVA這樣的全新的技術,常被客戶問到:Why iMPERVA?為什麼我要朝這個方向考慮?跟各位分享幾個重點:

(閱讀全文…)

審計人員要在資料庫合規性審計中提出的 5 個關鍵問題

[2007-12-6]iMPERVA提供審計人員常會提出的五個關鍵問題,這些問題是為了確定企業是否實施了最佳做法並合乎規章要求。

審計人員關心的問題 – 資料庫審計(稽核)

審計人員要在資料庫合規性審計中提出的 5 個關鍵問題

 

法律法規日益要求正規企業擴大審計範圍,將資訊技術 (IT) 資源納入其中。審計人員尤其關心資料庫中與某些企業應用程式相關的管制資料,這些應用程式包括 SAP、Oracle E-Business Suite、PeopleSoft 以及其他 Web 應用程式。

 

薩班斯-奧克斯利法案 (SOX)、健康保險流通與責任法案 (HIPAA)、支付卡行業 (PCI) 標準和其他法規條例均要求實施最佳控制措施來保護敏感資料。

 

在檢驗合規性中,審計人員會對資料庫環境進行多方面檢查,包括:用戶管理、身份驗證、責任劃分、訪問控制和審計記錄。本文將集中討論審計記錄。審計記錄必須符合特定條件,從而滿足審計人員的要求。

 

下面,我們將給出審計人員會提出的五個關鍵問題,這些問題是為了確定企業是否實施了最佳做法並合乎規章要求。

 

————————–

若需本文中文完整的白皮書資訊,請與我們連絡

sales@ciphertech.com.tw