Open Services Report

The Open Services Report is an interactive report provided to assist merchants with satisfying PCI DSS requirement 1.1.6. This report includes a complete list of services, protocols and ports detected by the most recent external network scans of the IP addresses in your account. Review the findings, classify detected services as Authorized or Unauthorized, then download the report.

How to create this report

2) Classify Services as Authorized or Unauthorized. When a service is initially detected, it is classified as Unreviewed. Review each detected service and then classify the service as Authorized or Unauthorized. When you change the classification, you'll be prompted to provide a comment explaining how the service, protocol and port is necessary for your business. Note that changing the classification of a service does not affect your PCI compliance status.

3) (Optional) Add comments to any service that has already been classified as Authorized or Unauthorized without changing the classification.

View Your Report

The Open Services report gives you many options for viewing open services, protocols and ports detected by your more recent external scans of the IP addresses in your account..

Use the Group By menu to group the list of services by IP address or by service name. The default grouping is by IP address. Each IP address is shown with a list of the services detected on the IP address along with other details like the port and protocol, and the date when the service was last detected by a scan. Group the list by service to quickly see all hosts a particular service was detected on. This is especially useful if you want to classify all instances of a service as "Authorized" or "Unauthorized".

Use the Filter By menu to filter the list of services by classification: Unreviewed, Unauthorized, Authorized. When you filter the list of services, only the services with the selected classification are displayed. For example, filter the list to only show services that are not yet reviewed so that you can take action on them. To clear the filter, select "All".

Use the Search field to search the list of services. Enter a keyword (such as service name, port number or IP address) in the field provided and click . To clear your search criteria, click or place your cursor in the field and hit the Esc key.

If no filters are set (Filter By is set to All), then your search applies to the complete list of services. If a filter is set (Filter By is set to Unreviewed, Unauthorized or Authorized), then your search applies to the filtered list of services. For example, let's say the ftp service was detected on 5 hosts. The service was classified as "Unauthorized" for 2 hosts and is "Unreviewed" for 3 hosts. If you search for the keyword "ftp" and no filters are set, then the search returns all 5 instances of the service. If the Filter By menu is set to Unauthorized, then the search returns the 2 instances of the service that have been classified as Unauthorized. If the Filter By menu is set to Unreviewed, then the search returns the 3 instances of the service that have not yet been reviewed. If the Filter By menu is set to Authorized, then the search returns no results.