Certificate Management System (CMS)
Securing the Internet of Things and BYOD with Public Key Infrastructure (PKI)
Three key industry trends are driving IT growth – the emergence of Bring Your Own Device (BYOD) computing, where users bring consumer grade goods into work and connect to IT resources; the federated internet, where application services are connected over public networks between locations and companies and the emergence of the Internet of Things (IoT) with IP and OS enabled devices providing a flood of sensor derived data from medical, utility, factory and other uses. The three trends are driving massive infrastructure development across the IT landscape, but the underlying mechanism that drives the secure connectivity between all these scenarios is public/private key cryptography infrastructure (PKI). PKI relies on trusted relationships to establish and manage encryption between services, users and devices.
Certificate Management System (CMS) is the leading product for issuing and managing certificates across these infrastructures. Uniquely designed for making the issuance, revocation, and management of all the certificates in an IT environment scalable and entirely secure; as the three trends outlined above accelerate, the average IT department will experience an explosion in the number of certificates that are under management. With on device issuance and key generation, support for Linux, Java and Windows certificate processes and a deep reporting and alerting infrastructure, CMS brings IT administrators everything they need to manage their PKI certificate infrastructure at scale, reducing risk of service outage and device access denial due to expired or invalid certificates. With CMS, IT administrators have peace of mind that their security infrastructure is resilient and reliable through effective certificate management practices
CMS upholds the tight security standards set by your enterprise for use in cross platform scenarios by preserving fundamental PKI practices. On-device generation natively supported by many of CMS’ supported platforms allows for the highest form of certificate security. This modular software allows you a higher availability PKI solution across your breadth of BYOD devices, securing access to the enterprise at all levels:
- Designed to work in a centralized or decentralized model, adapting to the security model of your environment
- Addresses a key gap in the mobile device management tool-sets, putting certificate management at the forefront
- Management across public-rooted certificate authorities and private certificate authorities, including the Microsoft CA in Windows Server
- Support for Java, Linux, Android, Windows, Unix and iOS certificate repositories and supports on-device enrollment on relevant platforms
Modular Certificate Management Approach
The Certificate Management System (CMS) contains two modules, the Mobile Issuance module and the Reporting and Administration module, described below:
CMS Mobile Issuance Module
Undeniably, digital certificates are the best way to secure mobile endpoints, the struggle lies in getting them there securely. The CMS Mobile Issuance module allows for streamlined, secure digital certificate issuance to any mobile device, on any network. With cross platform support, certificates issued from this module allow mobile endpoints to connect to secure WiFi/VPN, access to sensitive corporate data, and in-application certificate authentication. Featuring on-device key generation and PKCS#12 file support, there is no other method to securely issue certificates to mobile endpoints.
- Windows Phone 7/8
- Mac OSX
- Citrix Receiver
CMS Reporting and Administration Module
With thousands of un-managed certificates authenticating access to corporate data and serving as gateways to sensitive business critical operations, an outage caused by an expiration could be catastrophic. Tighten the management system that ensures environment health. The CMS Reporting & Administration Module provides automated certificate scanning and reports to the right people before an expired certificate causes embarrassing and costly downtime in your environment.
Certificate Management System (CMS) is the leading product for issuing and managing certificates across devices and services. Uniquely designed for making the issuance, revocation, and management of all the certificates in an IT environment scalable and entirely secure. With on device issuance and key generation, support for Linux, Java and Windows certificate processes and a deep reporting and alerting infrastructure, CMS brings IT administrators everything they need to manage their PKI certificate infrastructure at scale, reducing risk of service outage and device access denial due to expired or invalid certificates.
For full licensing information, please contact us.
Mobile Issuance Module
- On-Device Key Generation. iOS (iPhone, iPad, iPod Touch), Mac OSX, Android.
- Universal PKCS#12 Creation and Delivery. Facilitates widespread support for WP7 / WP8 / WinRT and Citrix Receiver.
- REST-based API for certificate request and retrieval. Easy-to-use mechanism that supports in-app certificates.
- Maintain secure SCEP server settings. Unique end-device certificate’s Common Name and SCEP one-time passwords.
Reporting and Administration Module
- Reporting and Notification Engine. Scans CA databases for certificates that are nearing expiration. Highly customizable notifications and reporting. Checks CRL locations for availability and freshness. Inspects SSL/LDAPS certificate URLs, regardless of where certificates came from.
- Certificate Administration Console. User-friendly console for certificate search, inspection,revocation, and recovery. Simplifies common PKI related tasks that are typically done via command line interface.
- SSL Scanning Utility. Helps identify which SSL certificates may need tracked. Configurable IP address and ports for scanning. Can identify certificates issued from other CAs.
- Expand the reach of your PKI for use on an array of platforms
- Compatible with all Mobile Device Management (MDM) systems
- Automate the management of your certificate Infrastructure
- Eliminate certificate ownership confusion
- Stop embarrassing and expensive certificate related outages
- Gain enterprise visibility into your certificate environment
- Active Directory® Certificate Services (ADCS)
- Windows Server® All versions
- iOS Versions 5.0 +
- Android 4.0 +
- Windows Phone 7, 8, RT
- Mac OSX 10.7 (Lion) +