Network Security Pen-Test

PCI Compliance (Vulnerability Scans)

Subject: PCI Compliance (Vulnerability Scans)
Date: 16 Dec 2006 19:09:51 -0000
Group,

Have any of you performed simply PCI compliant Vulnerability Scans? If so, I am
looking for a few things:

1.  Did you use an automated Scanner (only)? If so, which one (or which one do 
you think is the best)?
2.  What are your recommendations for performing a simple PCI compliant Scan? 
Is an automated tool the best solution for a simple scan? I assume it is, since 
I don't believe much manual time/effort should be devoted to them, as opposed 
to a real Vulnerability Assessment (manual verification)/Penetration Test.

3.  Could someone also guide me in the right direction for finding out more
about PCI compliant vulnerability scanning (i.e. websites, books, whitepapers,
etc.)?
 - I am wondering specifically, while doing discovery scanning, do you only focus
on ports 22, 23, 25, 80 and 443 and, if found "alive", perform a full 65k+ scan on
those hosts?  Also, do you only perform scans on hosts that provide sensitive
information, like servers? Would routers, etc. that connect these servers count
as well?

Anyway, thanks a lot for any information anyone can provide.

Sparky
