The PCI conducted a security scan in our infrastructure of a e-business website. They pointed out a FTP(port 21) is opened up on the CSS 11501. I have gone through the documents as much as I can get from CISCO website, But can't find anything about the FTP port. Did anybody successfully stop the FTP service on CSS by any chance?
By default the FTP service is enabled on the CSS load balancer. You should be able to prevent ftp access to the CSS by issuing the following global command "restrict ftp". Hope this info helps!
- Jason Espino