In October of 1995, Cisco Systems, Inc. began their first serious push into the Network Security market with the acquisition of NTI (Network Translation, Inc.). NTI’s flagship PIX firewall became the Cisco Secure PIX Firewall. From 1995 until 2000, there was one feature missing that frustrated security administrators greatly: secure remote access. Although the PIX Firewall allows Telnet access to its CLI (command line interface), the PIX OS will not allow Telnet to hosts on the outside interface because of the threat of password interception. In 2000, Cisco introduced version 5.2 of the PIX OS. One of the most notable features of 5.2 was support for the new faster and more scalable PIX 525 Firewall. Another feature that received less fanfare, SSH or Secure Shell, proved to be very important to Security Administrators who were tired of driving to the office to make changes to their PIX. SSH uses either DES or 3DES to encrypt the entire session to the PIX; and as such, it was deemed safe to enable on the outside interface. David W. Chapman Jr. will demonstrate how to enable and troubleshoot SSH access to your PIX in an easy to follow step-by-step process.
SSH is the favored solution to provide secured remote access to your PIX Firewall. The PIX is able to authenticate users by password alone or coupled with the Cisco Secure ACS server for an additional level of assurance and access-control logging.