A more reliable approach is to use the
SSH protocol. Security appliance supports SSH connections for management purposes. Security appliance
supports the SSH remote shell functionality provided in SSH Versions 1 and 2 and supports DES and 3DES
ciphers. To configure SSH, generate an RSA key pair, which is required for SSH, and then identify the IP
addresses/networks from which the appliance accepts connections by using the ssh command from the global
configuration mode. Other requirements need to be fulfilled to configure SSH, such as configuring the domain
name and creating the RSA key pair.
The most secure and highly recommended device management access control combination is obtained by using
SSH with AAA authentication with either TACACS+ or RADIUS. (AAA authentication is discussed in Chapter 8,
"Securing Management Access.")
HTTPS Access for ADSM
Cisco Adaptive Security Device Manager (ASDM) is a security management and monitoring application for Cisco
PIX 500 and ASA 5500 Series Adaptive Security Appliances that is used through an intuitive, easy-to-use, webbased
management interface. ADSM will be discussed more in Chapter 24, "Security and Policy Management."
To use ASDM, the HTTPS server needs to be enabled to allow SSL connections to the security appliance.
Pages:
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155