NDB Advisory Network Diagram Drawings | PCI DSS Requirement 1.1.2

DSS Requirement 1.1.2, and the easier it will be for a Qualified Security Assessor (QSA) to understand and scope the assessment.

Moreover, once you embark on PCI DSS compliance and begin to examine the 12 requirements in PCI DSS v.1.2 in earnest, you will quickly find yourself referring back to these network diagram and topology documents for reference on a number of particular items.

As a general rule, here is what you would want to include in your network diagram/topology documents: 

  • Firewalls
  • Load Balancers
  • Routers and Switches
  • Demilitarized Zone (DMZ)
  • Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS)
  • Any enterprise-wide applications (CRM systems, etc.)
  • Remote Access
  • Point-to-point secure data transmission methods used for data traversing the network
  • Wireless Networking or Networks
  • Web Servers
  • Proxy Servers
  • Email Servers
  • DNS Servers
  • Operating Systems
  • Databases
  • Applications
  • Anti-virus

Obviously, this amount of detail makes these documents and drawings very sensitive, so due care should be taken to protect them. Network diagram/topology documents with this level of detail will greatly aid the overall assessment while satisfying the all-important PCI DSS Requirement 1.1.2. Essentially, think of your network in terms of layers, how they are logically and physically laid out, and then map them in as much detail as possible. Also, do not forget to include dataflow information, that is, the types of data flowing across your network along with the protocols used; this is an area often forgotten on network diagram/topology documents for PCI DSS Requirement 1.1.2.

In short, include all system components from the network, Operating System (O/S), application, and database layers.
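As an added example (not NDB Advisory's code or any PCI SSC tool), the component list and the dataflow point above expressed as a small Python model: a diagram is checked for the categories it must draw and for flows that lack a data type or protocol, then rendered as Graphviz DOT grouped by zone. The component names, zones and the REQUIRED category subset are constructed assumptions.

```python
# Added example, not NDB Advisory's code: model a PCI DSS 1.1.2 network diagram
# as data, flag flows that lack a data type or protocol (the item the article
# says is often forgotten) and emit Graphviz DOT. All names are constructed.
from collections import namedtuple
# Subset of the article's component list a diagram must cover (constructed).
REQUIRED = {"firewall", "router", "ids", "web", "database", "antivirus"}
# zone: e.g. "dmz"/"internal"; layer: "network", "os", "application" or "database"
Component = namedtuple("Component", "name category zone layer")
# data: type of data traversing, e.g. "cardholder data"; protocol: e.g. "TLS 1.2/443"
Flow = namedtuple("Flow", "src dst data protocol", defaults=("", ""))

class Diagram:
    def __init__(self, components, flows):
        self.components, self.flows = list(components), list(flows)

    def gaps(self):
        """What a QSA would find missing: categories not drawn, flows touching
        undocumented components, flows without data type or protocol."""
        names = {c.name for c in self.components}
        issues = [f"missing category: {cat}"
                  for cat in sorted(REQUIRED - {c.category for c in self.components})]
        for f in self.flows:
            for end in (f.src, f.dst):
                if end not in names:
                    issues.append(f"flow {f.src}->{f.dst}: undocumented component {end}")
            if not (f.data and f.protocol):
                issues.append(f"flow {f.src}->{f.dst}: data type or protocol missing")
        return issues

    def to_dot(self):
        """Zones become clusters; each edge is labelled '<data> over <protocol>'."""
        out = ["digraph pci {"]
        for zone in sorted({c.zone for c in self.components}):
            out.append(f'  subgraph "cluster_{zone}" {{ label="{zone}";')
            out += [f'    "{c.name}" [label="{c.name}\\n{c.category}/{c.layer}"];'
                    for c in self.components if c.zone == zone]
            out.append("  }")
        out += [f'  "{f.src}" -> "{f.dst}" [label="{f.data} over {f.protocol}"];'
                for f in self.flows]
        return "\n".join(out + ["}"])

def sample_diagram():
    """Constructed three-node sample; the fw1->web1 flow is deliberately incomplete."""
    return Diagram([Component("fw1", "firewall", "dmz", "network"),
                    Component("web1", "web", "dmz", "application"),
                    Component("db1", "database", "internal", "database")],
                   [Flow("web1", "db1", "cardholder data", "TLS 1.2/3306"),
                    Flow("fw1", "web1")])
```

Running `sample_diagram().gaps()` lists the undrawn categories and the incomplete flow; `to_dot()` output can be piped to `dot -Tpng` to produce the drawing.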

To learn more about the Payment Card Industry Data Security Standards and becoming PCI DSS compliant, please contact NDB Advisory.

Sample image
