From the PCI DSS:
Many vulnerabilities and malicious viruses enter the network via employees’ e-mail activities. Anti-virus software must be used on all systems commonly affected by viruses to protect systems from malicious software.
EFT Server does not specifically provide antivirus functions; you should continue to rely on your current antivirus implementation. You can also configure EFT Server to block specific files or file types from being transferred.
PCI DSS Requirement |
How Requirement is Addressed with EFT Server |
5.1 - 5.1.1 Deploy anti-virus software on all systems commonly affected by viruses (particularly PCs and servers) |
Data uploaded to EFT Server can (and should) be scanned for viruses independently of EFT Server; however, EFT Server can block the upload or download of certain file types based on their extensions. |
5.2 Ensure that all anti-virus mechanisms are current, actively running, and capable of generating audit logs. |
External to EFT Server |