Who Me Too'd this topic

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Who Me Too'd this topic

roma
L1 Bithead

Is it safe to allow SSH from internet to DMZ?

We have a server in our DMZ that is allowing from the internet the SSH application via our Palo Alto firewall. The server in the DMZ is very well locked down and the application on the server that facilitates the SSH session is a highly rated 3rd party application that allows vendors to connect to servers in your network. I've read and heard how safe\unsafe SSH is, but I cant find anything that makes itr seem to me any less safe than ipsec vpn or https.

Any thoughts?

Also, I see that the applications for SSH the security rule include:

SSH

SSH-Tunnel

Is there a preference?

 

Thanks.

Who Me Too'd this topic