Thank you for watching the video and posting the query. Yes, even the shared firewalls which are used segmenting the environment is a part of scope. Not just firewalls, even shared Active Directory, Email, AV, WAF, etc are considered part of scope. Hope this helps.
![[PCI DSS Requirement 1]: Summary of Changes from Version 3.2.1 to 4.0 Explained](http://i.ytimg.com/vi/-Qecm0aJebU/mqdefault.jpg)
Beautifully explained sir!
If firewalls are used to segment the network, do the these firewalls fall in the CDE or considered as ‘connected to’ systems?
Thank you for watching the video and posting the query. Yes, even the shared firewalls which are used segmenting the environment is a part of scope. Not just firewalls, even shared Active Directory, Email, AV, WAF, etc are considered part of scope. Hope this helps.