Strong authentication and SSL certificates in Digital...
Transcript of Strong authentication and SSL certificates in Digital...
1
Strong authentication
and SSL certificates in
Digital world
Mija Božič
Sales specialist, Veracomp d.o.o.
2
WHAT IS RESHAPING THE ENTERPRISE ?
2
3
Proprietary and Confidential. Copyright Entrust Datacard 3
Entrust Datacard
$800M in revenue
2,200 employees across 34
global offices
25 Countries use our PKI plus
the UN, Interpol and NATO
24M Global financial messages
encrypted and secured daily
150+ Countries served
#1 provider of secure identity
solutions globally
4
Proprietary and Confidential. Copyright Entrust Datacard 4
5
SOLUTION OVERVIEW
Critical On-Premise
Systems & Apps
Customer & Partner
Web Portals
VPN Access Cloud SSO
USE CASES
Application
Provisioning
Adaptive
Access
User/Group
Management
Authenticator
Suite
Management
Reporting
User Self
Service
User Access IT Agility
Desktop Login
Mobile – the Primary
Computing Platform
6 6
Comprehensive
Integration APIs and SDKs
Context-Based
Policy Agility
Deployment
Options
Domain
Agnostic
User
Self-Service
Context-Based
User Experience
Authenticator
Suite
EXTENSIBLE SOFTWARE AUTHENTICATION
PLATFORM
7
Proprietary and Confidential. Copyright Entrust Datacard 7
Includes eBook by
industry expert, Ivan Ristic
8
Proprietary and Confidential. Copyright Entrust Datacard 8
Security Beyond the Certificate
Entrust Certificate Services
Centralizes visibility & compliance for all
certificate types — regardless of issuing CA
Simplifies end-to-end lifecycle management
Benefits
Improve service uptime
Avoid security lapses
Preserve brand reputation
Best CtaaS Frost & Sullivan, “SSL/TLS Certificates Market — Finding the Business Model in an All Encrypt World” Sept. 2016
9
Proprietary and Confidential. Copyright Entrust Datacard 9
Product Overview – Digital Certificates
SSL/TLS INCLUDES
Support 24x5 (standard)
SSL Server Test
Unlimited Reissues
Best Practices
Unlimited Server Licensing
SHA-2/2048 –bit Keys
Website Security Bundles
99.9%+ Browser Ubiquity
10
ECS Enterprise
Certificate Management Platform
11
Proprietary and Confidential. Copyright Entrust Datacard 11
Discover
Discovery Agent
Deploy scanner to find
Certificates & location
Manual Import
Import un-scannable
certificates
CT Import
Import certificates
from CT Logs
SSL Server Test
Assess & track end-
point configuration
Sitelock
Assess end-points for
Malware & Reputation
CAPI Scanner
Scan MS CAPI Store for
Certificates
Foreign Certs
ECS
Certificates
Microsoft
Certificates
Entrust PKI
Certificates
Self-Signed
Certificates
Competitive
Certificates
Other
Certificates
Native Certs
Code
Sign
Document Sign
Secure Email
OV SSL
WC SSL
Private SSL
Internal SSL
White-Label SSL
EV SSL
Mobile Device
24/7
Support
Best Practice
Advisory
Dedicated Sales
Rep
Flexible
Licensing
Revocation
Services
Security
Reputation
Rapid
Verification
Global Browser
Support
Requests
Administrator
eForm
Requester
US
ER
S
Ansible
ServiceNow
API
CO
NN
EC
TO
RS
ACME
(Apache)
Turbo
(IIS)
AU
TO
-IN
ST
AL
L
Management
Certificates & Web Sites
Lifecycle
Management
Issue, Re-Issue, Revoke,
Renew, Duplicate
Policy
Engine
Implement industry policy,
manage
custom policy
End-Point
Management
Auto-install, End-point
scoring, Locations,
Path Validation
Monitor
& Alerts
Policy, Best Practice, Low
Server Grades, Malware
scanning
Report, Notifications
Dashboard, Alerts
Charts, Emails
Reports
Manage
Switch Issuance
Entrust Certificate Services
12
Proprietary and Confidential. Copyright Entrust Datacard 12
Best Practices – In Practice
Find and Discover the
certificates on your network
Ensure you maximise the
Certificate inventory
Have in place intuitive
request/approval workflows
together with customisation
options
Default and custom
reporting on expiry,
Inventory.
Monitor certificates, web
servers for vulnerabilities
and applications for threats
Use Best Practice for
installation and
management of certificates
13
Proprietary and Confidential. Copyright Entrust Datacard 13
Here’s How It Works Reusable Licenses for Changing Web Environments
Select account term
1, 2, 3, 4 or 5 years
1
Purchase SSL/TLS
certificates
Licenses (purchased mid-
term) pro-rated to account
term
4
Deploy and redeploy
Recycle licenses
throughout
certificate lifecycle
5
Take advantage of
volume and term
discounts
Discounts applied
throughout the term
3
Set convenient
certificate expiration
dates
Issue certificates
from 2-27 months, avoid
holidays and busy periods
2
14
Proprietary and Confidential. Copyright Entrust Datacard 14
Used Licenses Are Returned To Inventory For Reuse
SERVER 2
SERVER 1
DEPLOY LICENSE A ON 1
INVENTORY
REDEPLOY LICENSE A ON 2
DEACTIVATE LICENSE A
RETURN TO
INVENTORY DEACTIVATE LICENSE A RETURN
TO INVENTORY
15
Proprietary and Confidential. Copyright Entrust Datacard 15
Certificate Discovery (Managed Certificates Tab)
Consolidates all Entrust and Non-Entrust Certificates into a Single, Centralized Dashboard
16
SSL Automation & Integrations
Ansible & REST API
Integration
Integration
17
Ansible Overview
18 Proprietary and Confidential / Copyright Entrust Datacard 18
Automation using DevOps Tools in ECS Enterprise
• Automation using DevOps tools is possible with 12.6 release
• What is DevOps/Orchestration Support?
ECS
REST
API
ECS
Enterprise
Ansible
Entrust Datacard Premises Customer Premises
F5
Apache
IIS
AWS
Configuration Mgmt tools
Salt Stack
Chef
• Automate ECS requests… • Renew/re-issue/duplicate cert
• Revoke cert
• Request new domain verification
1
• Automate installation • Generate CSR
• Configure end-point
• Install certificate
• Restart services
2
Puppet
Azure
HashiCorp Vault
Secrets Mgmt
19
ServiceNow Integration
20
Proprietary and Confidential. Copyright Entrust Datacard 20
Integration & Capabilities
• Synchronize active certificate data between ServiceNow and Entrust
• Create new certificates using ServiceNow hosted approval workflow
• Renew existing certificates using ServiceNow hosted approval workflow
• Provide access to issued certificates in ServiceNow
21
Proprietary and Confidential. Copyright Entrust Datacard 21
Thank you for your attention