ATTENTION
For WiFi Environments:
Guidelines for meeting PCI DSS v1.1 wireless requirements if the Synergy II terminal is to be installed in a
wireless network (Wi-Fi) environment.
A firewall is required between any wireless networks and the cardholder data environment (i.e. the Synergy II
device), and the firewall must be configured to deny any traffic from the wireless environment or from
controlling any traffic if such traffic is necessary for business purposes (PCI DSS 1.3.8).
For wireless environments, the installer must change wireless vendor defaults, including but not limited to,
wired equivalent privacy (WEP) keys, default service set identifier (SSID), passwords, and SNMP
community strings. The installer must disable SSID broadcasts and enable Wi-Fi protected access (WPA and
WPA2) technology for encryption and authentication when WPA-capable (PCI DSS 2.1.1).
For wireless networks transmitting cardholder data, transmissions must be encrypted using Wi-Fi protected
access (WPA or WPA2) technology, IPSEC VPN, or SSL/TLS and that one should never rely exclusively on
wired equivalent privacy (WEP) to protect confidentiality and access to a wireless LAN. If WEP is used, the
installer must do the following: Use with a minimum 104-bit encryption key and 24 bit-initialization value,
Use ONLY in conjunction with Wi-Fi protected access (WPA or WPA2) technology, VPN, or SSL/TLS,
rotate shared WEP keys quarterly (or automatically if the technology permits), rotate shared WEP keys
whenever there are changes in personnel with access to keys, and restrict access based on media access code
(MAC) address.
13