| From: | John Scalia <jayknowsunix(at)gmail(dot)com> |
|---|---|
| To: | dinesh bhandary <dbhandary(at)gmail(dot)com> |
| Cc: | "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
| Subject: | Re: streaming rep setup in PCI compliance environment |
| Date: | 2015-10-09 17:50:24 |
| Message-ID: | CABzCKRBM8_Oq+xFgjkjjxPw22a49rBjbFPAbvsnZ_ZzfoTDO4g@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
I spoke with my PCI compliance officer here, and provided you've documented
what you're doing here and why, you should be compliant. We had a fairly
long discussion about this and I had to explain to him that I was referring
to the slave as being a hot standby, ready to take over in the event of an
issue with the primary. If you're doing this for some other reason, so long
as it's explained, you could still be OK.
--
Jay
On Fri, Oct 9, 2015 at 11:48 AM, dinesh bhandary <dbhandary(at)gmail(dot)com>
wrote:
> Hello Everyone:
>
> I am trying to setup streaming rep between master ( which is in PCI tier1
> zone) to slave ( PCI tier 2 zone). However, I am told that PCI tier1 can
> only initiate connection to lower security zone, in our case slave
> environment ( PCI tier 2). However, for streaming rep to work, slave needs
> to connect to Master. Does this violate PCI requirement. Anyone has
> experience setting up master-salve in PCI compliance environment?
>
> Please let me know.
>
> Thanks
> Dinesh
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | dinesh bhandary | 2015-10-09 18:28:22 | Re: streaming rep setup in PCI compliance environment |
| Previous Message | dinesh bhandary | 2015-10-09 16:48:39 | streaming rep setup in PCI compliance environment |