Data Center Areas are to facilitate telecommunication cabling and equipment. Those areas can be categorized as below;
Main distribution area (MDA)
Intermediate distribution area (IDA)
Horizontal distribution area (HDA)
Zone distribution area (ZDA)
Equipment distribution area (EDA)
[image credits: http://www.commscope.com/]
Those areas have been logically defined. Physically, those areas could be either separated or within the same spaces. Will discuss bit more in detail
Entrance Room The entrance Room may include both access provider (SP) and customer (CE) owned cabling. SP demarcation hardware and equipment are being placed in this area. When using multiple entrance rooms, those should be at least 20m apart from each other. Further, entrance rooms should be outside the computer room in order to improve security.
Main distribution area (MDA) MDA includes the main cross-connect (MC), which is the central point of distribution for the data center cabling system. Below devices are being placed within the MDA
Core, Spine, and SAN switches
High-end network switches
PBX, Voice/VOIP Gateways
Every data center should have at least one MDA.
Intermediate distribution area (IDA) IDA is to support intermediate cross-connects. The IDA is optional and can include LAN or SAN switches.
Horizontal distribution area (HDA) HDA is the distribution point for cabling to the EDAs. The main purpose is to provide network connectivity to the end devices located in EDA. EDA area consists of below devices/hardware.
Zone distribution area (ZDA)
ZDA is an optional interconnection point within the horizontal cabling between the HDA and EDA
Equipment distribution area (EDA) EDA is the area allocated for end devices/equipment. These devices could be Computers, Collaboration devices &, etc.
The PCI DSS self-assessment questionnaires (SAQs) are validation tools intended to assist merchants and service providers to report the results of their PCI DSS self-assessment. The different SAQ types are shown in the table below to help you identify which SAQ best applies to your organization. Detailed descriptions for each SAQ are provided within the applicable SAQ.
Card-not-present merchants. For merchants that outsource their entire card data processing to validated third parties. This includes e-commerce merchants and mail/telephone order merchants. Nearly all online merchants aim for SAQ A, because it is the simplest, least time-consuming assessment.
E-commerce merchants who outsource all payment processing to PCI DSS validated third parties, and who have a website(s) that doesn’t directly receive cardholder data but that can impact the security of the payment transaction. No electronic storage, processing, or transmission of any cardholder data on the merchant’s systems or premises. Applicable only to e-commerce channels.
Merchants using only: • Imprint machines with no electronic cardholder data storage; and/or • Standalone, dial-out terminals with no electronic cardholder data storage. Not applicable to e-commerce channels.
Merchants use only standalone, PTS-approved payment terminals with an IP connection to the payment processor, with no electronic cardholder data storage. Not applicable to e-commerce channels.
Merchants who manually enter a single transaction at a time via a keyboard into an Internet-based virtual terminal solution that is provided and hosted by a PCI DSS validated third-party service provider. No electronic cardholder data storage. Not applicable to e-commerce channels.
Merchants with payment application systems connected to the Internet, no electronic cardholder data storage. Not applicable to e-commerce channels.
Merchants using only hardware payment terminals that are included in and managed via a validated, PCI SSC-listed P2PE solution, with no electronic cardholder data storage. Not applicable to e-commerce channels.
SAQ D for Merchants: All merchants are not included in descriptions for the above SAQ types.
SAQ D for Service Providers: All service providers defined by a payment brand as eligible to complete a SAQ.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
The cookie is used by cdn services like CloudFare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It does not correspond to any user ID in the web application and does not store any personally identifiable information.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
1 year 24 days
Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
5 months 27 days
This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.