Hi ,
We are undergoing a review for PCI DSS certification and we are having Solaris 11 servers in our environment. We are finding it difficult to meet the requirement 5 of PCI DSS regarding anti-virus solution and there has been a debate over this. As per our understanding, we feel that their is no need for an anti-virus solution on Solaris since it is not a commonly affected system. However there is no clear documentation from oracle that i can find to support my case.
I would like to ask the community what they think about the anti-virus requirement for Solaris?