[Freeswitch-users] FreeSWITCH version 1.4.x end of life - recommendation please

Dominique Jeannerod dominique.jeannerod at interact-iv.com
Fri Nov 20 12:08:46 MSK 2015


Hi Andrew,

we are also working on a PCIDSS certification (feasibility study), and
use Freeswitch as a SBC for SIP trunks..
The solution from Semafone (https://www.semafone.com/) is quite largly
used (at least in Europe) and I think that alternatives from other
companies also exist elsewhere in the world.
This type of product can greatly reduce the scope of the PCI
perimeter, and make your Freeswitch out of it, if you use DTMFs to
carry the credit card number.
Their box removes DTMF info from the voice call, and can send it to
your transaction server, thus reducing the scope of the PCIDSS
perimeter.

This mail is quite out of the scope of the Freeswitch list, and then
will be my last one on this matter.

Just my 2 cents ...

Best regards,


Dominique Jeannerod

Interact-iv.com

Mobile: +33 698 778 763

Headquarter : 600 rue Felix Trombe – tecnosud – 66100 Perpignan - France
France : 0826 10 23 21 (0,15€/mn) International +33 (0)4 20 10 45 45


2015-11-20 9:27 GMT+01:00 Andrew Keil <andrew.keil at visytel.com>:
> Michael,
>
> Maybe I should clarify this a little further.  The actual credit card processing is running on a separate server, however the FreeSWITCH server does collect the credit card number off the caller and offload this to the transaction server for processing.  Therefore, the FreeSWITCH server (running on CentOS 6.7) is directly involved and needs to be PCI compliant.  I hope this now makes more sense.
>
> I noticed this thread has ballooned a little out-of-control.
>
> Perhaps this thread should stop here.
>
> I will attempt to build the latest production version (1.6.x) on CentOS 6.7 without video (by commenting those features out inside modules.conf) prior to the build taking place and provide an installation document here (in a similar way as I did for CentOS 7).  I am sure I can get this up and running.
>
> Regards,
>
> Andrew Keil
>
> ---Original Message-----
> From: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Michael Giagnocavo
> Sent: Friday, 20 November 2015 2:18 AM
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Subject: Re: [Freeswitch-users] FreeSWITCH version 1.4.x end of life - recommendation please
>
> That's poor planning; they need to split up networks and minimize PCI scope. Anyone that's finding PCI applying to their non-payment systems is doing it very wrong (and the costs will balloon). This is one huge reason why companies that offload handling of PAN like BrainTree and Stripe got so big - they make your PCI scope negligible.
>
> -Michael
>
> -----Original Message-----
> From: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of Andrew Keil
> Sent: Thursday, November 19, 2015 3:21 AM
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Subject: Re: [Freeswitch-users] FreeSWITCH version 1.4.x end of life - recommendation please
>
> No they do not, however it is at the same site and for PCI compliance all systems involved needed to be locked down.
>
> -----Original Message-----
> From: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] On Behalf Of jungle Boogie
> Sent: Thursday, 19 November 2015 3:00 PM
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Subject: Re: [Freeswitch-users] FreeSWITCH version 1.4.x end of life - recommendation please
>
> On 18 November 2015 at 15:49, Andrew Keil <andrew.keil at visytel.com> wrote:
>> i.      I understand that CentOS 7 is recommended, however upgrading the OS
>> is a much bigger task than simply upgrading FreeSWITCH.  Especially
>> since my client is also PCI compliant to enable credit card
>> processing, which requires rigorous Operating System lockdown.
>> Currently my client will not be using the video features inside
>> FreeSWITCH (ie. initially only using the feature set inside the FreeSWITCH version 1.4.x branch).
>
>
> Does your clients actually run the credit card processing on the same server as freeswitch??
>
> --
> -------
> inum: 883510009027723
> sip: jungleboogie at sip2sip.info
> xmpp: jungle-boogie at jit.si
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org



Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list