Hi Denise....
I agree with Dave that there are many "flavors" to PCI compliance. It actually is something that changes very frequently. I managed a credit card processing server at one point, and we frequently had to apply patches to maintain compliance. The University had a scan that ran to alert us to these changes - otherwise it would be difficult to keep track of all of them.
Essentially, this is something that is better left to the experts. I would not recommend running your own server, especially with the myriad options available.
Terry Callaghan
Zuri Group
aasp Executive Board Members
------------------------------
Terry Callaghan
Zuri Group
terry@zurigroup.com------------------------------