Skip navigation links

Packet General Networks

<b>PCI-GENERAL</b> PCI-GENERAL By Packet General Networks

PCI Compliance for MySQL Enterprise

All organizations that store, process or transmit credit card payment information must comply with the PCI mandates. PCI-GENERAL is a secure MySQL server appliance designed for organizations that are looking for a tried and tested solution that will enable them to become PCI compliant quickly. PCI-GENERAL has withstood the scrutiny that is only reserved for level-1 service providers or payment gateways.

A leading credit card brand has deployed PCI-GENERALto secure their own MySQLdata.

Designed to provide PCI compliance:


  • Built-in firewall to secure MySQL data
  • Dedicated appliance provides only one primary functionality - MySQL
  • All unnecessary and insecure services and protocols have been disabled
  • MySQL and its operating environment are tightly coupled and are run-contained to prevent attacks
  • All non-console administrative access is provided through encrypted channels
  • PAN and the rest of credit card data is transparently encrypted using AES-256
  • Logical access to credit card data is managed independently of the operating system access control mechanisms
  • Cryptographic keys used to encrypt MySQL data are stored on smart-cards
  • Distribution of keys is controlled through a specially provisioned role of a Security Officer within the appliance
  • Keys can be easily revoked
  • The appliance provides ability to yearly rotate the encryption key without having to encrypt/decrypt the entire data set
  • 90-day password rotation for all PCI-GENERAL administrators is enforced
  • Strong OS level access controls prevent access to MySQL
  • Even "root" user can't view or access MySQL data
  • Patches for MySQL, OS and the encryption software come from a single source -Packet General

PCI-GENERAL for MySQL is a self-defending MySQL soft server. Non-invasive data encryption combined with strict data access-control ensure data integrity and confidentiality. Clear accountability is achieved through Role-Based-Access-Control management of the platform. Cryptographically-signed access logs provide necessary legal admissibility of records in a court of law. A built-in firewall and hardened Just enough Operating System (JeOS) reduce the radar cross-section” of the platform making it less visible to intruders. Audit mechanisms provide necessary feedback, which ensures that the policies and controls are in fact working as intended.

Packet General Networks is a leader in data security, specializing in securing MySQL data in order to enable compliance with the PCI mandates.

*Customer can request for a specific version of MySQL Enterprise server to be installed on the appliance.

Find other products from this supplier »



 MySQL Enterprise Ready Partner
Updated: 2009-02-12






About Packet General Networks

Packet General Networks is a leader in data security, specializing in secure soft/hard appliances for MySQL that provide regulatory compliance.

Website: http://www.packetgeneral.com/solutions/formysql.html

Email: mysql@packetgeneral.com

Phone: 646-290-8225

Read More »