1 / 16

Securing SSH Admin Access

Securing SSH Admin Access. Pragma Systems Fortress SSH Cisco Enterprise Routing Products. The Threat:. Unauthorized access to command line Stolen passwords Revoked / Expired Public Keys Spoofing the client. NEW Only from Cisco and Pragma. X.509 certificate with RFC 6187 (single factor)

ritenour
Télécharger la présentation

Securing SSH Admin Access

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing SSH Admin Access Pragma Systems Fortress SSH Cisco Enterprise Routing Products

  2. The Threat: • Unauthorized access to command line • Stolen passwords • Revoked / Expired Public Keys • Spoofing the client NEWOnly from Cisco and Pragma • X.509 certificate with RFC 6187 (single factor) • Server side certificate validation • CAC/smartcard with RFC 6187 (2 factor) • Most secure authentication – Sever side certificate and PIN

  3. For customers that need:Secure access to command lineWith two factor authenticationAuthenticate with X.509 certificate & PIN Most secure Government Certified Standard RFC-6187 First end-to-end solution with Cisco and Pragma Systems

  4. SSH Access with DoD Common Access Cards Cisco SSH Server Feature Pragma Fortress CL SSH Client X.509 Authentication SSH Session Establishment CAC card reader

  5. Demonstration

  6. To reach the router or switch, • End-user starts SSH session on their PC Fortress CL Client

  7. User inserts Smart Card • Smart card has the user’s credentials

  8. User now clicks “connect button”.

  9. User enters User-ID; Selects Smart Card / CAC button Click on ellipsis button

  10. If end-user has more than one credential, he selects the certificate that he wants to use. Certificates are stored on the smart-card.

  11. Click on connect David.S.Kulwin

  12. End-user enters PIN. • Router now has: • Certificate and • PIN • User name SSH handshake now proceeds

  13. SSH session starts from end-user PC to Cisco Router.

  14. For Secure Access: • Easy to use two-factor authentication • X.509 Certificates for SSH • Standards Compliant • FIPS certified

  15. For Further Information: Contact your Pragma representative for a demonstration or 30 day trial version Sales@pragmasys.com Contact your Cisco Systems sales representative.

More Related