Page 1 of 1
NRPE agent PCI compliance
Posted: Wed Apr 19, 2017 2:26 am
by ahmadt
Hello,
please can you help me out in order to check my ssl setting in nrpe agents on linux and windows in order to comply to pci requirements as it should use tlsv1 or higher and set the ciphers.
Thanks,
Ahmad
Re: NRPE agent PCI compliance
Posted: Wed Apr 19, 2017 11:23 am
by mcapra
You'll probably want to be using NRPE v3 on the machine that needs to be PCI compliant. Here's documentation on how to build NRPE v3:
https://support.nagios.com/kb/article.php?id=515
After NRPE v3 is all set up and ready to go, this document should help you make sure all communications are encrypted and require proper trust chains:
https://support.nagios.com/kb/article.php?id=519
Re: NRPE agent PCI compliance
Posted: Tue Apr 25, 2017 4:27 am
by ahmadt
thanks for your reply
but what about windows clients as the NRPE v3 KB you have sent me is for UNIX/LINUX servers.
is there any updated NSClient for windows machines that complies with PCI.
Thanks,
Ahmad
Re: NRPE agent PCI compliance
Posted: Tue Apr 25, 2017 9:46 am
by mcapra
We don't develop/maintain NSClient++ and as such can't make any particular compliance claims about the software. You'd be better off asking around that community:
https://forums.nsclient.org/
https://github.com/mickem/nscp
It does have options for encryption, though. Passive checks via NSCA being one of them:
https://docs.nsclient.org/reference/cli ... encryption
Re: NRPE agent PCI compliance
Posted: Thu May 25, 2017 9:57 am
by cdienger
Did mcapra's post help you?