PCI DSS scan issue

As part of my PCI DSS audits, I need to whitelist the scanning IP range. I see a mechanism to add them to trusted networks, but the auditing company says I should not blanket whitelist them and instead only whitelist them from IDS and other installed countermeasures. Is there a way to accomplish this within their recommendations? I could not find one in the individual modules or anywhere in the portals provided by my firewall.

1 Like

Hi Paul,
welcome to the community. I would try to help you, but can you please explain what you are doing?

Perhaps @bwdjames could help here.
Here is a link to another thread where the security of PCI DSS is discussed.