This presentation highlights the elements of PCI, the anatomy of a payment flow and the role of SonicWALL in the PCI ecosystem. This PowerPoint is suitable for external audiences, such as partners.

1. How to Sell PCI Compliance With Without PCI Road Ahead SPEED LIMIT 80 SPEED LIMIT 45

2. How to Sell Compliance

5. PCI SSC Responsibilities

6. PCI Industry Standards CONFIDENTIAL All Rights Reserved

7. Roles of the Payment Brands Function Visa M/C Amex Discover JCB Data security program CISP SDP DSOP DISC DSP Service provider VNP TPP / DSE TPP TPP/ PSP TPP Authorization services Clearing services Settlement services Establish operating rules & regulations Issue cards through 3 rd parties Acquire transactions through 3 rd parties Issue cards directly Acquire transactions directly

11. Anatomy of PCI Transactions

12. Payment Transaction Flow CONFIDENTIAL All Rights Reserved

13. Example of Payment Industry Ecosystem Merchants Issuer (Consumer Bank) Payment Brand Network Credit Cards Cardholder Acquirer (Merchant Bank)

14. Card Processing - Authorization Merchants CB approves purchase CH swipes card at Merchant MB asks processor to determine CH’s bank Merchant connects to MB 3 4 PBN determines CB & requests approval 5 6 7 8 1 2 PBN sends approval to MB MB sends approval to Merchant Merchant gives receipt to CH Issuer (Consumer Bank) Payment Brand Network Credit Cards Cardholder Acquirer (Merchant Bank)

15. Card Processing - Clearing Merchants CB provides reconciliation to PBN MB sends purchase info to PBN 1 2 PBN sends purchase info to CB 3 4 PBN sends reconciliation to MB Issuer (Consumer Bank) Payment Brand Network Acquirer (Merchant Bank)

16. Card Processing - Settlement Merchants CB sends payment to processor 1 2 3 Processor's settlement bank sends pmt to MB MB pays merchant for CH purchase 4 CB bills CH Issuer (Consumer Bank) Processor Cardholder Acquirer (Merchant Bank)

17. PCI Mapping to SonicWALL

18. Where Does SonicWALL Play?

19. PCI Mapping By Security Product Line PCI DSS Requirement TZ NSA E-Class SSL-VPN EMS GMS Requirement 1 Requirement 2 Requirement 3 Requirement 4 Requirement 5 Requirement 6 Requirement 7 Requirement 8 Requirement 9 Requirement 10 Requirement 11 Requirement 12

21. Example of a SonicWALL PCI Deployment

23. Typical SonicWALL Quick Service POS Solution

28. Typical SonicWALL Quick Service POS Solution 5. Create secure, reliable VPN connections over broadband (Req 4)

31. PCI Pitch

32. Steps to Prepare for Compliance CONFIDENTIAL All Rights Reserved * Report of Compliance (ROC).

33. Problem - Pain Point - Product Problem Question Pain Point SonicWALL Product/Feature SonicWALL Benefit How concerned are you about Rogue Access Points (RAP)? Finding RAPs connected to the network. (Req. 11) SonicOS, SonicPoints and GMS Single appliance option for RAP detection Would you like to throttle unauthorized merchant activity and increase store site productivity? Non-business traffic is killing the pipe while legitimate business traffic suffers (Req 2) Application intelligence control Policy-based block/restrict throttles CHD traffic with bandwidth management How difficult do you find it to maintain consistent policy control across your protected CHD environment? Maintaining unified policies, controlling access and avoiding orphaned policies and security gaps. GMS – Policy management Easily create security policies and enforce them at the global, group or unit level. How are you mitigating your exposure to web-facing vulnerabilities? Protect against XSS, CSRF, SQL injection, etc. (Req. 6.6) WAF Integrated WAF protection with DPI How do you limit scope and protect CHD in transit? Network segmentation SonicOS (PortSchield, Zones) Integrated segmentation of CHD

34. How We Help with PCI Compliance?

36. SonicWALL Reference Customers

39. Q&A

40. Thank you Email Questions to PCI @SonicWALL.com