Is an ASE required for PCI SAQ A-EP compliance?

Mr J Smith 1 Reputation point
2020-01-28T14:49:41.737+00:00

Is an ASE required for PCI SAQ A-EP compliance? or as long as the web application is correctly secured, simply using 'standard' Web Apps will provide the necessary network security required for compliance.

Our design would have Application Gateway in front of the Web Apps and the web application would use Azure SQL.

Thanks for your help

Azure App Service
Azure App Service
Azure App Service is a service used to create and deploy scalable, mission-critical web apps.
7,221 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Daniel Powell 1 Reputation point
    2020-02-04T23:30:58.453+00:00

    You would need an application gateway or other WAF component (e.g. an NVA with WAF features). You could also use containers/AKS

    0 comments No comments