Press Releases

Latest firmware release enables customers to use complete Opengear product line in their PCI DSS 3.2 compliant networks

Sandy, UT – May 23, 2016 – Opengear (, a leading provider of critical infrastructure management solutions through advanced console serversremote managementmonitoring, and cellular out-of-band products, today announced a new firmware release, version 3.16.4, with new features specifically designed to assist Opengear’s customers in achieving compliance with Payment Card Industry Data Security Standard (PCI DSS) 3.2. With this release, customers can now make use of any Opengear product in their PCI DSS 3.2 compliant networks.

PCI DSS exists to regulate and enhance cardholder data security practices globally. The standard applies to every entity involved in payment card processing – including merchants, processors, acquirers, issuers, and service providers. For any business involved with handling payments information, the ability to demonstrate proper card data security to regulators and customers is both an obligation enforceable by fines and a critical component to maintaining customer trust and reputation.

Opengear is the first in the industry to achieve this security standard, and, with the release of new PCI DSS 3.2-focused features, demonstrates its ongoing commitment to providing highly secure out-of-band management solutions for businesses. Specific requirements mandated by PCI DSS 3.2 include building and maintaining secure networks and systems (utilizing firewalls and password best practices), protecting stored cardholder data and encrypting data transmissions, maintaining a vulnerability management program to protect systems from viruses and malware, implementing strong card-data access control measures, regularly monitoring and testing network security and processes, maintaining an information security policy, and keeping all personnel training updated. For a more detailed review download the Opengear PCI Best Practices Whitepaper which provides a series of recommendations designed to assist Opengear customers achieve the enhanced security needed for PCI DSS compliance.

Adhering to PCI DSS 3.2 requires that payment applications allow for the use of two-factor authentication technologies for secure remote access originating from outside the customer environment. Already featured in previous firmware versions, Opengear’s latest firmware continues to support two-factor authentication of out-of-band management remote access via RADIUS as well as support for the newer, PCI-approved, versions of TLS.

With the new firmware release, Opengear has implemented security features designed to assist any business using Opengear hardware in achieving PCI DSS 3.2 compliance. Doing so empowers Opengear customers to significantly reduce the risk of regulatory and reputational trouble and to have the peace of mind that comes with operating in a highly secure environment.

“DotSec reviewed Opengear’s latest firmware release (version 4.5.6), and is of the professional opinion that Opengear’s firmware provides extensive security features that include strong encryption algorithms and cipher suites, two-factor authentication, secure VPN functionality, and the support for secure remote logging,” said Tim Redhead, Director, DotSec, a Payments Card Industry Qualified Security
Assessor Company. “These features make the Opengear products an excellent choice for organizations seeking to use secure network devices within their PCI DSS 3.2-compliant payments environment.”