Forum Discussion

murphs76_64953's avatar
murphs76_64953
Icon for Nimbostratus rankNimbostratus
Feb 27, 2014
Solved

PCI Implications of an LTM

Hello All,

 

I am decommissioning a pair of LTM running 9.4.8. I need to remove them from the datacenter but the business is concerned that there might be PCI data on it. Credit cards were processed over the traffic that transversed these LTMs. I let them know that the LTM would not store data that is going over it's wires but they want to be sure and want some kind of documentation confirming this. I ran several searches but can not find such documentation. Can anyone point me to information that could alleviate their PCI concerns?

 

Additional note: Web acceleration is not running on these. Would there be anything else I would look for that might cache traffic?

 

Thanks!

 

application delivery
LTM
management
pci
security
storage
  • Mike_Kahler_488's avatar
    Mike_Kahler_488
    Feb 27, 2014

    I don't think you will find anything on AskF5. Since the F5 is a full proxy, we would not store data on the hard drive. If you want to insure no data remains on the box, you can use wipedisk to zero the drive. This solution will give you the steps:

     

    SOL6346: Recovering from a corrupt drive partition (9.x - 10.x) http://support.f5.com/kb/en-us/solutions/public/6000/300/sol6346.html?sr=35467662

     

    F5 has another procedure to completely wipe a drive prior to RMA. Since the steps hardware dependent, open a case and refer to the procedure, "Securely erasing compact flash and hard disk drives on BIG-IP platforms"

     

2 Replies

Sort By
  • murphs76_64953's avatar
    murphs76_64953
    Icon for Nimbostratus rankNimbostratus
    Feb 27, 2014
    The only thing I can find regarding LTM and storage of PCI information is this whitepaper http://www.f5.com/pdf/white-papers/complying-pci-dss-wp.pdf It doesn't specifically state that an LTM doesn't store PCI information.
  • Mike_Kahler_488's avatar
    Mike_Kahler_488
    Historic F5 Account
    Feb 27, 2014

    I don't think you will find anything on AskF5. Since the F5 is a full proxy, we would not store data on the hard drive. If you want to insure no data remains on the box, you can use wipedisk to zero the drive. This solution will give you the steps:

     

    SOL6346: Recovering from a corrupt drive partition (9.x - 10.x) http://support.f5.com/kb/en-us/solutions/public/6000/300/sol6346.html?sr=35467662

     

    F5 has another procedure to completely wipe a drive prior to RMA. Since the steps hardware dependent, open a case and refer to the procedure, "Securely erasing compact flash and hard disk drives on BIG-IP platforms"