Cisco PIX

Cisco PIX (Private Internet eXchange) was a popular IP firewall and network address translation (NAT) appliance.

[1] PIX was originally conceived in early 1994 by John Mayes of Redwood City, California and designed and coded by Brantley Coile of Athens, Georgia.

Beta testing of PIX serial number 000000 was completed and first customer acceptance was on December 21, 1994 at KLA Instruments in San Jose, California.

[2] Shortly before Cisco acquired Network Translation in November 1995, Mayes and Coile hired two longtime associates, Richard (Chip) Howes and Pete Tenereillo, and shortly after acquisition 2 more longtime associates, Jim Jordan and Tom Bohannon.

[3][4] In May 2005, Cisco introduced the ASA which combines functionality from the PIX, VPN 3000 series and IPS product lines.

The PIX became the first commercially available firewall product to introduce protocol specific filtering with the introduction of the "fixup" command.

The PIX "fixup" capability allows the firewall to apply additional security policies to connections identified as using specific protocols.

The Cisco PIX was also one of the first commercially available security appliances to incorporate IPSec VPN gateway functionality.

The latter is the part code for the PIX technology implemented in the Fire Wall Services Module, for the Catalyst 6500 and the 7600 Router.

Equation Group developed a tool code-named BENIGNCERTAIN that reveals the pre-shared password(s) to the attacker (CVE-2016-6415[14]).

[15][16][17][18] According to Ars Technica, the NSA likely used this vulnerability to wiretap VPN-connections for more than a decade, citing the Snowden leaks.

[21] On the 29th of January 2018 a security problem at the Cisco ASA-brand was disclosed by Cedric Halbronn from the NCC Group.

A use after free-bug in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated remote attacker to cause a reload of the affected system or to remotely execute code.