[c-nsp] PCI, CISP

[Cheung, Rick]

	Has anyone here started working on compliance with PCI/CISP's
sections, regarding encryption of username/passwords to network devices
with SSH, SSL, etc?

	Basically, I wanted to see if there was a way around upgrading
IOS to an IPSec feature set for SSH v1 server support. TACACs uses MD5
from the ACS to the gear, but from the laptop to the router/switch, its
cleartext unless the code supports SSH.





Thanks,
Rick Cheung
NPI IT Wan Analyst



This message, including any attachments, contains confidential information intended for a specific
individual and purpose and is protected by law. If you are not the intended recipient, please contact
sender immediately by reply e-mail and destroy all copies.
You are hereby notified that any disclosure, copying, or distribution of this message, or the taking
of any action based on it, is strictly prohibited.

WARNING: Computer viruses can be transmitted via email. The recipient should check this email
and any attachments for the presence of viruses. The sender accepts no liability for any damage
caused by any virus transmitted by this email. E-mail transmission cannot be guaranteed
to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive
late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors
or omissions in the contents of this message, which arise as a result of e-mail transmission.