Adding value to your MS customers
|
|
- Timothy William Heath
- 5 years ago
- Views:
Transcription
1 Securing Microsoft
2 Adding value to your MS customers Authentication - Identity Protection Hardware Security Modules DataSecure - Encryption and Control Disc Encryption Offering the broadest range of authentication, from HW smartcard tokens to mobile phone auth all managed from a single platform Use your Tokens for MS Certificates Authentication to UAG and other MS Applications Ability to mix MS cert environments with OTP Fully integrated with AD for ease of use Proven customer base The fastest, most secure, and easiest to integrate application & transaction security solution for enterprise and government The market leader in enterprise-grade HSM Integrated with multiple Microsoft applications FIM, SharePoint, Scalable can be shared across applications FIPS L3/CC EAL 4 Proven customer base World s first and only unified platform that delivers intelligent data protection and control for ALL information assets Integrated with Microsoft SQL Scalable with other Databases/mixed environments FIPS L2 CC EAL Proven customer base SafeNet Disc encryption is fully integrated with Active Directory and ADAM Fully integrated with AD and ADAM Full disk and removable storage media encryption Pre-boot authentication; two-factor authentication support FIPS validated; Common Criteria EAL4 Proven customer base REV 0.1 2
3 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Forefront Threat Gateway helps protect against malware and other threats SafeNet Products using Active Directory for Unified Access Gateway (UAG) securing Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption SafeNet Luna SA provides SSL key management, key security and performance acceleration to the TMG server and its users Active Directory Rights Services (ADRMS) SharePoint
4 Microsoft HSM Integrations SafeNet Products using Active Directory for Microsoft OCSP Forefront Identity Manager (FIM) securing Threat Gateway Active Directory Certificate Services (PKI) Microsoft Certificate Services creates and manages public key certificates used within PKI environments. SafeNet Luna SA, Luna PCI and Luna CA4 provide root and subordinate key management and key protection Unified Access Gateway (UAG) MSSQL 2008 R2 Database Encryption SafeNet Authentication tokens protect end entity credentials Active Directory Rights Services (ADRMS) SharePoint
5 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Microsoft SQL Server offers a complete approach to managing, accessing and delivering information across an organisation SafeNet Products using Active Directory for Unified Access Gateway (UAG) securing Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption SafeNet Luna SA, PCI and DataSecure protect MS SQL key material (TDE, EKM) and provide database encryption capabilities delivering separation of key material from the data, as well as enhanced key management Active Directory Rights Services (ADRMS) SharePoint
6 HSM = Hardware Security Module HSMs are High Security cryptographic Engines Value in the Name Hardware HSMs are Key Managers for high value processes/transactions HSMs come in 2 different key management design philosophies: Keys stored in hardware H Keys stored in software but moved around with a hardware based master key Benefits an HSM should provide: Trusted Key Lifecycle Audit No unknown copies of keys Trusted backup Cryptographic acceleration Offload Reduced dev time Easy APIs Significant Certifications savings Reduced Litigation exposure Scalability both for performance and redundancy
7 SafeNet HSMs are pre-integrated with the Following MS Applications: SQL (will be first to support SQL R2 New SQL enc book 2 SFNT HSM chapters) AD Certificate Services (CA) RMS OCSP IIS ISA FIM Authenticode OCS (office Communication Server) * All of these have SFNT Integrations guides available. Each integration is tested by SFNT Re-tested with each new version (SFNT MS)
8 Extensible Key Luna HSM achieves First EKM SQL Server 2008 R2 support Luna HSM Luna PCI Two form factors Luna SA network attached Luna PCI PCI Adapter SQL Server 2008 R2 DEK FIPS Level 3 Validated Common Criteria EAL4+ Certified Client App Client App Encrypted Data Page EKM secure key storage and encryption processing Flexible options: Master Key, KEK, and DEK support
9 What s Extensible Key (EKM)? EKM is SQL Server 2008 R2 s interface to HSMs Provided by SFNT EKM API Works Easily with SQL EKM addresses the management challenge of key proliferation with Transparent Data Encryption (TDE) SFNT HSM enhances: Auditable Key of critical keys Separation of SQL admin access to critical keys Secure Hardware based backup of critical keys Offload from SQL server processing Performance of cryptographic operations Meets certification needs: PCI DSS FIPS Common Criteria
10 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Microsoft SharePoint enables users to connect and be empowered through formal and informal business communities SafeNet Products using Active Directory for securing Active Directory Certificate Services (PKI) SafeNet Luna SA provides SSL key management, key security and performance acceleration to the TMG server and its users Unified Access Gateway (UAG) Active Directory Rights Services (ADRMS) SharePoint MSSQL 2008 R2 Database Encryption SafeNet Authentication tokens enable two factor authentication to SharePoint
11 Microsoft HSM Integrations SafeNet Products using Active Directory for Unified Access Gateway (UAG) Microsoft OCSP Forefront Identity Manager (FIM) securing Threat Gateway Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption Microsoft AD RMS provides information protection to files and other information, no matter where it goes. SafeNet Luna SA provides key management, key security and performance acceleration to the AD RMS server and its users Active Directory Rights Services (ADRMS) SharePoint
12 Microsoft HSM Integrations Luna HSM Active Directory Rights Services (ADRMS) RMS Server Certification Licensing Templates Active Directory Authentication Service Discovery Group Membership SQL Server Configuration data Logging Cache
13 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Microsoft Forefront Unified Access Gateway enables employees to gain seamless remote access to corporate applications and data SafeNet Products using Active Directory for Unified Access Gateway (UAG) Active Directory Rights Services (ADRMS) securing SharePoint Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption SafeNet Authentication tokens enable two factor authentication to VPN services via OTP or Certificate based Authentication protected by FIPS and Common Criteria validated devices
14 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Microsoft Active Directory provides the means to manage the identities and relationships that make up an organisation's network SafeNet Products using Active Directory for securing Active Directory Certificate Services (PKI) SafeNet ProtectDrive leverages Active Directory management to deliver full disk encryption Unified Access Gateway (UAG) Active Directory Rights Services (ADRMS) SharePoint MSSQL 2008 R2 Database Encryption SafeNet Authentication tokens provide OTP and Certificate based Authentication integrated with Active Directory
15 Microsoft HSM Integrations Microsoft OCSP Forefront Identity Manager (FIM) Threat Gateway Microsoft OCSP provides real-time validation of a certificate s status SafeNet Products using Active Directory for Unified Access Gateway (UAG) securing Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption SafeNet Luna SA and Luna PCI provide key management and key protection ensuring trust in the responses delivered by the OCSP service Active Directory Rights Services (ADRMS) SharePoint
16 Microsoft HSM Integrations SafeNet Products using Active Directory for Unified Access Gateway (UAG) Microsoft OCSP Active Directory Rights Services (ADRMS) Forefront Identity Manager (FIM) securing SharePoint Threat Gateway Active Directory Certificate Services (PKI) MSSQL 2008 R2 Database Encryption Microsoft Forefront Identity Manager Certificate provides registration authority and certificate management to users and devices SafeNet Luna SA provides key storage and security for the agent private keys, global platform master keys and related Certificate Authority keys used with a FIM CM deployment
17 Solution Briefs
18 Microsoft Integration Guide Examples
19 An Introduction to HSMs HSM Hardware Security Module A HSM is a collection of algorithms, secure key storage, accelerators, key management all inside a tamper resistant unit it s like a box of cryptographic Lego how you put the elements together determines what the HSM does
20 An Introduction to HSMs Security Sensitive What cryptographic is a HSM, keys and processes Why are use stored, one? managed and protected by dedicated hardware Performance Processing bottlenecks are eliminated with hardware cryptographic acceleration Auditability Dedicated hardware provides a clear audit trail for all key materials
21 Why Secure Your Keys? HSMs protect against Internal and External attacks HSMs protect against keys being made vulnerable from system crashes HSMs protect against keys being made vulnerable from Viruses or Trojans HSMs limit, control and protect backups
22 Why Secure Your Keys?
23 Why Secure Your Keys?
24 Why Secure Your Keys? Experts know the consequences of root-key vulnerabilities All the trust in a CA relies on the fact that it and only it can apply such a signature and that no one else can imitate it. If the CA signing key was to be compromised, all certificates issued by this CA could no longer be trusted, causing the CA to revoke and re-issue certificates under a new signature. This would destroy the trust in the PKI to such a point that subscribers might not want to do business with the CA from then on. (Gord Ireland, Information Technology Services, Bank of Canada)
25 Why Secure Your Keys?
26 Why Secure Your Keys?
27 Why Secure Your Keys? Offers functionality not always available in software-based applications such as 2-factor authentication, Key Generation and Disposal, Key Recovery, Secure Key Distribution, Key Rotation Separates data from key storage delivering an additional level of protection through the physical separation of keys and data
28 Why Secure Your Keys? Higher performance for hardware-based cryptographic operation Centralized Key and Cryptographic Operation allows the consolidation and simplification of encryption and cryptographic data with centralised key management across the enterprise
29 Why Secure Your Keys? Best Practice
30 Luna Product Overview Application Java CAPI, CNG OpenSSL Driver PKCS 11 TLS Win, Sun, Linux, AIX, HP-UX HSMs use Application Programming Interfaces (APIs) for communication these are a standard collection of calls and commands that are interpreted by any given HSM or other device that support them
31 Luna Product Overview Luna SA Luna PCI Luna CA4 High assurance enterprise-grade HSM 5,500+ ops/s Certifications: FIPS Level 3, CC EAL 4+ Full platform support Secure remote administration 10/100 Ethernet interface Extensive algorithm support Supports partitioning Hardware secured remote administration Fast, high-assurance PCI HSM card for hardware key management and crypto acceleration 7,000 ops/s PCI, PCIe form factors FIPS Level 3 Supports two-factor trusted path authentication Extensive Algorithm support Root key HSM for true hardware key management FIPS Level 3 certified Extensive algorithm support Supports two-factor trusted path authentication Supports common certificate authorities (Microsoft, Entrust, VeriSign, RSA, etc.)
32 Luna SA, network attached HSM The Luna SA is an Ethernet attached HSM designed to protect critical cryptographic keys and accelerate sensitive cryptographic operations across a wide range of security applications
33 Luna SA, network attached HSM
34 Luna SA, network attached HSM The Remote Luna PED SA provides offers full built-in PED functionality High Availability, at remote Key Synchronisation administration workstation, and Redundancy allowing features the deployment with automated of a 'factory reintroduction default' HSM and of the failed ability unitsto remotely initialise it thereby not giving up control of devices to data centre employees Application Servers Load balanced on or off-site devices Remote PED and Remote Administration
35 Luna SA, network attached HSM
36 Luna PCI, internal HSM FAST Luna PCI 3000 & 7000 Up to 7000 transactions per second SECURE Keys in hardware PW Auth or PED Auth FIPS validated EASY Simple to integrate and deploy
37 Luna CA4, internal HSM SECURE Keys in hardware FIPS validated Under validation to CC EAL 4+ EASY Simple to integrate and deploy with the Luna DOCK II USBattached reader CONVENIENT Removable, easily securable form factor
38 Luna SA & Luna CA4 PKI Bundle
39 Hardware Secured Key Best Practice Hardware-Secured Key Generation Keys must be generated on a secure key management Hardware-Secured Key Storage Best Practice: The Key must always be stored on a secure HSM Hardware-Secured Key Backup Best Practice: When Private Keys are backed up, they must be backed up directly to another identical security device Hardware-Secured Digital Signing Best Practice: All certificate signing operations must be performed exclusively within the HSM
SafeNet Securing Microsoft Solutions
SafeNet Securing Microsoft Solutions SafeNet and Microsoft work closely to enhance the security of Microsoft solutions. The Microsoft on Windows provides customizable services for creating and managing
More informationEntrust Technical Integration Guide for Entrust Security Manager 7.1 SP3 and SafeNet Luna CA4
Entrust Technical Integration Guide for Entrust Security Manager 7.1 SP3 and SafeNet Luna CA4 July 2008 Entrust is a registered trademark of Entrust, Inc. in the United States and certain other countries.
More informationThales e-security. Security Solutions. PosAm, 06th of May 2015 Robert Rüttgen
Thales e-security Security Solutions PosAm, 06th of May 2015 Robert Rüttgen Hardware Security Modules Hardware vs. Software Key Management & Security Deployment Choices For Cryptography Software-based
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationSafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION
SafeNet ProtectApp APPLICATION-LEVEL ENCRYPTION Encrypt application data and keep it secure across its entire lifecycle no matter where it is transferred, backed up, or copied Rich application encryption
More informationSecurity Solutions for Microsoft Applications
Security Solutions for Microsoft Applications Contents Introduction 3 The Role of Security in Modern Business 4 Microsoft s Best Practices for Trustworthy Computing 5 Data-centric Security 6 Basic encryption
More informationBlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE. Cryptographic Appliances with Integrated Level 3+ Hardware Security Module
BlackVault Hardware Security Platform SECURE TRUSTED INTUITIVE Cryptographic Appliances with Integrated Level 3+ Hardware Security Module The BlackVault hardware security platform keeps cryptographic material
More information3 CERTIFICATION AUTHORITY KEY PROTECTION (HSMS)
3 CERTIFICATION AUTHORITY KEY PROTECTION (HSMS) 3.1 Introduction In any public key infrastructure deployment, the protection of private key material (application keys) associated with the public/private
More informationDyadic Enterprise. Unbound Key Control For Azure Marketplace. The Secure-As-Hardware Software With a Mathematical Proof
Dyadic Enterprise Unbound Key Control For Azure Marketplace The Secure-As-Hardware Software With a Mathematical Proof Unbound Key Control (UKC) is the first software-only key management and key protection
More informationOn Demand Cryptographic Resources for Your Virtual Data Center and the Cloud: Introducing SafeNet s Crypto Hypervisor
On Demand Cryptographic Resources for Your Virtual Data Center and the Cloud: Introducing SafeNet s Crypto Hypervisor Ugo Piazzalunga SafeNet Italy Technical Manager, IT Security ugo.piazzalunga@safenet-inc.com
More informationhidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION
HID ActivOne USER FRIENDLY STRONG AUTHENTICATION We understand IT security is one of the TOUGHEST business challenges today. HID Global is your trusted partner in the fight against data breach due to misused
More informationAxway Validation Authority Suite
Axway Validation Authority Suite PKI safeguards for secure applications Around the world, banks, healthcare organizations, governments, and defense agencies rely on public key infrastructures (PKIs) to
More informationAXIAD IDS CLOUD SOLUTION. Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure
AXIAD IDS CLOUD SOLUTION Trusted User PKI, Trusted User Flexible Authentication & Trusted Infrastructure Logical Access Use Cases ONE BADGE FOR CONVERGED PHYSICAL AND IT ACCESS Corporate ID badge for physical
More informationPKI Credentialing Handbook
PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key
More informationKeyOne. Certification Authority
Certification Description KeyOne public key infrastructure (PKI) solution component that provides certification authority (CA) functions. KeyOne CA provides: Public key infrastructure deployment for governments,
More informationThe SafeNet Security System Version 3 Overview
The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products
More informationDyadic Security Enterprise Key Management
Dyadic Security Enterprise Key Management The Secure-as-Hardware Software with a Mathematical Proof Dyadic Enterprise Key Management (EKM) is the first software-only key management and key protection system
More informationProviding Secure, Fast and Available
Providing Secure, Fast and Available SharePoint with F5 BIG-IP John Lee, Federal Systems Engineer Version 3.0 Rate Shaping TCP Express SSL Caching XML Compression OneConnect TCP Express ASM Web Accel 3
More informationCertificate Enrollment- and Signing Services for the Cloud. A behind-the-scenes presentation of a successful cooperation between
Certificate Enrollment- and Signing Services for the Cloud A behind-the-scenes presentation of a successful cooperation between Introduction Based on our experience and the request from the market we would
More informationPKI is Alive and Well: The Symantec Managed PKI Service
PKI is Alive and Well: The Symantec Managed PKI Service Marty Jost Product Marketing, User Authentication Lance Handorf Technical Enablement, PKI Solutions 1 Agenda 1 2 3 PKI Background: Problems and Solutions
More informationWhy Gemalto with F5. Trust. Every day. Matija Mandarić, Presales Engineer, Veracomp. February 2017
Why Gemalto with F5 Trust. Every day. February 2017 Matija Mandarić, Presales Engineer, Veracomp We are the world leader in digital security +2bn END USERS BENEFIT FROM OUR SOLUTIONS 2.5bn 2014 REVENUE
More informationUltra Electronics AEP Networks Ltd Ultra Safe Keyper
RSA Secured Implementation Guide For 3rd Party PKI Applications Last Modified: February 12 th, 2013 Partner Information Product Information Partner Name Ultra Electronics AEP Networks Ltd Web Site www.ultra-aep.com
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! Compliance, standards, and best practices! Encryption and
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.2 Effective
More informationVenafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.
Venafi Platform Architecture 1 Architecture Basic Professional Services 2018 Venafi. All Rights Reserved. Goals 1 2 3 4 5 Architecture Basics: An overview of Venafi Platform. Required Infrastructure: Services
More informationMobilePASS. Security Features SOFTWARE AUTHENTICATION SOLUTIONS. Contents
MobilePASS SOFTWARE AUTHENTICATION SOLUTIONS Security Features Contents Introduction... 2 Technical Features... 2 Security Features... 3 PIN Protection... 3 Seed Protection... 3 Security Mechanisms per
More informationSafeNet HSM solutions for secure virtual amd physical environments. Marko Bobinac SafeNet PreSales Engineer
SafeNet HSM solutions for secure virtual amd physical environments Marko Bobinac SafeNet PreSales Engineer Root of trust for your physical and virtual environment 2 But HW doesn t work in a Virtual World?
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! What s new from Microsoft?! Compliance, standards, and
More informationPublic Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman
Public Key Infrastructure PKI National Digital Certification Center Information Technology Authority Sultanate of Oman Agenda Objectives PKI Features etrust Components Government eservices Oman National
More informationUtimaco HSM Introduction JIPDEC Seminar June 2017
Utimaco HSM Introduction JIPDEC Seminar June 2017 Joerg Horn Director Business Development Utimaco HSM Business Unit Aachen, Germany 2016 hsm.utimaco.com Page 1 Part 1 Introduction Utimaco History HSM
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.18 Effective Date: August 16, 2017 Table of Contents 1. Introduction... 5 1.1. Trademarks...
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.3 Effective
More informationSecurity: The Key to Affordable Unmanned Aircraft Systems
AN INTEL COMPANY Security: The Key to Affordable Unmanned Aircraft Systems By Alex Wilson, Director of Business Development, Aerospace and Defense WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY
More informationUse Cases Oriented Portfolio. Marko Bobinac PreSales Engineer, Identity & Data Protection
Use Cases Oriented Portfolio Marko Bobinac PreSales Engineer, Identity & Data Protection Identity and DataProtection portfolio ProtectFile Server/Desktop Agent Network Share Encryption Proxy Protect NAS
More informationHARDWARE SECURITY MODULES (HSMs)
HARDWARE SECURITY MODULES (HSMs) Cryptography: The basics Protection of data by using keys based on complex, randomly-generated, unique numbers Data is processed by using standard algorithms (mathematical
More informationApple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 1.0 Effective Date: March 12, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationEndpoint Protection with DigitalPersona Pro
DigitalPersona Product Brief Endpoint Protection with DigitalPersona Pro An introductory technical overview to DigitalPersona s suite for Access Management, Data Protection and Secure Communication. April
More informationDeployment Scenarios Microsoft TMG Standard, TMG Enterprise, TMG Branch Office series Appliances
Deployment Scenarios Microsoft TMG Standard, TMG Enterprise, TMG Branch Office series Appliances TMG Server 2010 Appliance (ntmg or ntmge Series) provides value to IT managers, network administrators,
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationAlliance Key Manager A Solution Brief for Technical Implementers
KEY MANAGEMENT Alliance Key Manager A Solution Brief for Technical Implementers Abstract This paper is designed to help technical managers, product managers, and developers understand how Alliance Key
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013 Table of Contents 1. Introduction... 5 1.1. Trademarks... 5
More informationUELMA Exploring Authentication Options Nov 4, 2011
UELMA Exploring Authentication Options Nov 4, 2011 A U T H E N T I C A T I O N M E T H O D S P R E L I M I N A R Y R E P O R T B R A D L E E C H A N G X C E N T I A L G R O U P B R A D @ X C E N T I A
More informationHARDWARE SECURITY MODULES DEPLOYMENT STRATEGIES FOR ENTERPRISE SECURITY
HARDWARE SECURITY MODULES DEPLOYMENT STRATEGIES FOR ENTERPRISE SECURITY HARDWARE SECURITY MODULES Deployment strategies for enterprise security Organizations around the world are creating open, flexible
More informationThe Cloud Changes Nothing and Everything! Amazon.com, Inc. and its affiliates. All rights reserved.
The Cloud Changes Nothing and Everything! Amazon.com, Inc. and its affiliates. All rights reserved. About How Amazon did Amazon Web Services Deep experience in building and operating global web scale systems?
More informationThe Smart Grid Security Innovation Alliance. John Reynolds October 26, 2011 Cambridge, Massachusetts
The Smart Grid Security Innovation Alliance John Reynolds October 26, 2011 Cambridge, Massachusetts The SGSIA addresses the entire ecosystem. The Smart Grid Security Innovation Alliance is a working association
More informationComodo Certificate Manager. Centrally Managing Enterprise Security, Trust & Compliance
Centrally Managing Enterprise Security, Trust & Compliance SSL Certificate Management - PKI With an ever-increasing abundance of web-enabled, collaborative and mobile applications, as well as netaccessible
More informationCertificate Enrollment for the Atlas Platform
Certificate Enrollment for the Atlas Platform Certificate Distribution Challenges Digital certificates can provide a secure second factor for authenticating connections from MAP-wrapped enterprise apps
More informationTECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION
TECHNOLOGY LEADER IN GLOBAL REAL-TIME TWO-FACTOR AUTHENTICATION SMS PASSCODE is the leading technology in a new generation of two-factor authentication systems protecting against the modern Internet threats.
More informationEchidna Concepts Guide
Salt Group Concepts Guide Version 15.1 May 2015 2015 Salt Group Proprietary Limited. All rights reserved. Information in this document is subject to change without notice. The software described in this
More informationGetting to Grips with Public Key Infrastructure (PKI)
Getting to Grips with Public Key Infrastructure (PKI) What is a PKI? A Public Key Infrastructure (PKI) is a combination of policies, procedures and technology that forms a trust infrastructure to issue
More informationProtecting Keys/Secrets in Network Automation Solutions. Dhananjay Pavgi, Tech Mahindra Ltd Srinivasa Addepalli, Intel
Protecting Keys/Secrets in Network Automation Solutions Dhananjay Pavgi, Tech Mahindra Ltd Srinivasa Addepalli, Intel Agenda Introduction Private Key Security Secret Management Tamper Detection Summary
More informationRSA Validation Solution
RSA Validation Solution Agenda Need for Certificate Validation Certificate Validation CRLs OCSP RSA Validation Solution RSA Validation Manager RSA Validation Client Summary Agenda Need for Certificate
More informationDisk Encryption Buyers Guide
Briefing Paper Disk Encryption Buyers Guide Why not all solutions are the same and how to choose the one that s right for you.com CommercialSector Introduction We have written this guide to help you understand
More informationCertification Report
Certification Report EAL 4+ Evaluation of Chrysalis-ITS, Inc. Luna CA³ Issued by: Communications Security Establishment Certification Body Canadian Common Criteria Evaluation and Certification Scheme 2002
More informationAS emas emudhra Authentication Solution
AS emas emudhra Authentication Solution Create your own trusted enterprise network of users, devices, applications! With malware, ransomware and other cyber threats constantly thrown at Enterprises, a
More informationCloudHSM Deep-Dive. Dave Walker Specialised Solutions Architect Security/Compliance Amazon Web Services UK Ltd
CloudHSM Deep-Dive Dave Walker Specialised Solutions Architect Security/Compliance Amazon Web Services UK Ltd 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved CloudHSM Tamper-Proof
More informationKey Management in a System z Enterprise
IBM Systems IBM z Systems Security Conference Business Security for today and tomorrow > 27-30 September Montpellier Key Management in a System z Enterprise Leo Moesgaard (lemo@dk.ibm.com) Manager of IBM
More informationXenApp 5 Security Standards and Deployment Scenarios
XenApp 5 Security Standards and Deployment Scenarios 2015-03-04 20:22:07 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents XenApp 5 Security Standards
More informationIBM Tivoli Directory Server
Build a powerful, security-rich data foundation for enterprise identity management IBM Tivoli Directory Server Highlights Support hundreds of millions of entries by leveraging advanced reliability and
More informationwhite paper SMS Authentication: 10 Things to Know Before You Buy
white paper SMS Authentication: 10 Things to Know Before You Buy SMS Authentication white paper Introduction Delivering instant remote access is no longer just about remote employees. It s about enabling
More informationQuoVadis Trustlink Schweiz AG Teufenerstrasse 11, 9000 St. Gallen
QuoVadis The Swiss solution for digital certificates with worldwide distribution QuoVadis Trustlink Schweiz AG Teufenerstrasse 11, 9000 St. Gallen Overview!! Check list for Root signing or managed PKI!!
More informationTHALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION
www.thalesesecurity.com THALES esecurity: SECURING YOUR DIGITAL TRANSFORMATION Enterprises are committing to a digital transformation initiative by embracing new opportunities and building
More informationUnstructured Data. Stored & Archived Data. Customers + Partners
WHERE IS YOUR DATA? WHERE ARE YOUR KEYS? Structured Data Unstructured Data Live Data 1 Databases Data in Motion Virtual Machines Virtualized Data 2 Stored & Archived Data 3 Key Management and Root of Trust
More informationWhose Cloud Is It Anyway? Exploring Data Security, Ownership and Control
Whose Cloud Is It Anyway? Exploring Data Security, Ownership and Control SESSION ID: CDS-T11 Sheung-Chi NG Senior Security Consulting Manager, APAC SafeNet, Inc. Cloud and Virtualization Are Change the
More informationThe Password Authentication Paradigm In today s business world, security in general - and user authentication in particular - are critical components
YOUR ULTIMATE AUTHENTICATION SOLUTION A l a d d i n. c o m / e T o k e n The Password Authentication Paradigm In today s business world, security in general - and user authentication in particular - are
More informationTrusted Computing Group
Trusted Computing Group Backgrounder May 2003 Copyright 2003 Trusted Computing Group (www.trustedcomputinggroup.org.) All Rights Reserved Trusted Computing Group Enabling the Industry to Make Computing
More informationCertification Authority
Certification Authority Overview Identifying CA Hierarchy Design Requirements Common CA Hierarchy Designs Documenting Legal Requirements Analyzing Design Requirements Designing a Hierarchy Structure Identifying
More informationDelivering High-mix, High-volume Secure Manufacturing in the Distribution Channel
Delivering High-mix, High-volume Secure Manufacturing in the Distribution Channel Steve Pancoast Vice President, Engineering Secure Thingz Inc Rajeev Gulati Vice President and CTO Data IO Corporation 1
More informationVenafi Server Agent Agent Overview
Venafi Server Agent Agent Overview Venafi Server Agent Agent Intro Agent Architecture Agent Grouping Agent Prerequisites Agent Registration Process What is Venafi Agent? The Venafi Agent is a client/server
More informationArchitecture 1 3. SecureToken. 32-bit microprocessor smart chip. Support onboard RSA key pair generation. Built-in advanced cryptographic functions
SecureToken Architecture 1 3 2 32-bit microprocessor smart chip Support onboard RSA key pair generation Built-in advanced cryptographic functions 4 5 6 7 8 9 10 Support onboard digital signing Supports
More informationWhite Paper. Deploying CKMS Within a Business
White Paper Deploying CKMS Within a Business 1 Introduction The Cryptomathic Crypto Key Management System (CKMS) is a market-leading lifecycle key management product that can manage cryptographic keys
More informationApple Inc. Certification Authority Certification Practice Statement. Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Version 4.0 Effective Date: September 18, 2013 Table of Contents
More informationRethinking IoT Authentication & Authorization Models
Rethinking IoT Authentication & Authorization Models 2017 ISSA SoCal Security Symposium September 14, 2017 Hilton Orange County, Costa Mesa Brian Knopf @DoYouQA WHO AM I Sr Director of Security Research
More informationTransKrypt Security Server
TransKrypt Security Server Overview Security of transactions is critical as the volume of payments are growing at a faster pace from new generation mobile and broadband based IP payment terminals and devices.
More informationVirtual KeySecure for AWS
Virtual KeySecure for AWS CUSTOMER RELEASE NOTES Version: 8.2.1 Issue Date: June 5 2015 Document Part Number: 007-013116-001, Rev A Contents Product Description... 2 Key Management... 2 High Performance...
More informationRedesigning PKI To Solve Revocation, Expiration, & Rotation Problems. Brian
Redesigning PKI To Solve Revocation, Expiration, & Rotation Problems Brian Knopf @DoYouQA WHO AM I Sr Director of Security Research & IoT Architect @Neustar @DoYouQA 20+ Home Previously years in IT, QA,
More informationTHE THALES SECURITY WORLD ARCHITECTURE
www.thalesesecurity.com THE THALES SECURITY WORLD ARCHITECTURE Optimizing Security and Operational Efficiency in nshield HSM Environments White Paper Executive Summary Today s security
More informationIdentity and Authentication PKI Portfolio
Identity and Authentication PKI Portfolio Gemalto offers comprehensive public key infrastructure (PKI) authentication solutions that provide optimal levels of security. Supporting a wide portfolio of IDPrime
More informationSecurity Requirements for Crypto Devices
Security Requirements for Crypto Devices Version 1.0 02 May 2018 Controller of Certifying Authorities Ministry of Electronics and Information Technology 1 Document Control Document Name Security Requirements
More informationnshield GENERAL PURPOSE HARDWARE SECURITY MODULES
www.thalesesecurity.com nshield GENERAL PURPOSE HARDWARE SECURITY MODULES Contents 1. SECURITY YOU CAN TRUST 3 2. THE nshield FAMILY 4 3. SUPPORT FOR WIDE VARIETY OF USES 5 4. FEATURES
More informationCertification Report
Certification Report EAL 4+ Evaluation of Version 2.6 Issued by: Communications Security Establishment Canada Certification Body Canadian Common Criteria Evaluation and Certification Scheme Government
More informationCreating Trust in a Highly Mobile World
Creating Trust in a Highly Mobile World Technical White Paper Oct, 2014 MobileCrypt with Hardware Strength Security MobileCrypt s solution leverages an Android based mobile application and a Hardware Security
More informationBusting the top 5 myths of cloud-based authentication
Busting the top 5 myths of cloud-based authentication Insert Your Name Jason Hart CISSP CISM Vice President, Cloud Solutions SafeNet, Inc. Insert Your Title Insert Date Overview Cloud benefits Agility
More informationChoosing a Full Disk Encryption solution. A simple first step in preparing your business for GDPR
Choosing a Full Disk Encryption solution A simple first step in preparing your business for GDPR beinformed Understand the impact Under GDPR, your organisation is required to protect data stored on devices,
More informationBringing Core-Level Data Protection Solutions to the Tactical Field. January 2018
Bringing Core-Level Data Protection Solutions to the Tactical Field January 2018 1 Core-level Security Extended to the Tactical Field Trusted, U.S. based source for tactical cyber security solutions from
More informationWhy AWS CloudHSM Can Revolutionize AWS
Why AWS CloudHSM Can Revolutionize AWS SESSION ID: CSV-R04A Oleg Gryb Security Architect at Intuit @oleggryb Todd Cignetti Sr. Product Manager at AWS Security Subra Kumaraswamy Chief Product Security at
More informationSymantec Managed PKI Overview. v8.15
Symantec Managed PKI Overview v8.15 Legal Notice Copyright 2015 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo and are trademarks or registered trademarks of
More informationBest Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter
White Paper Best Practices in Securing Your Customer Data in Salesforce, Force.com & Chatter Overcoming Security, Privacy & Compliance Concerns 333 W. San Carlos Street San Jose, CA 95110 Table of Contents
More informationGLOBAL PKI TRENDS STUDY
2018 GLOBAL PKI TRENDS STUDY Sponsored by Thales esecurity Independently conducted by Ponemon Institute LLC SEPTEMBER 2018 EXECUTIVE SUMMARY #2018GlobalPKI Mi Ponemon Institute is pleased to present the
More informationMassively Parallel Hardware Security Platform
Massively Parallel Hardware Security Platform Dan Cvrček, Enigma Bridge, UK dan@enigmabridge.com Petr Švenda, CRoCS, Masaryk University, CZ svenda@fi.muni.cz Overview 1. Cryptography as a Service 2. Usage
More informationSecureDoc Disk Encryption Cryptographic Engine
SecureDoc Disk Encryption Cryptographic Engine Security Policy Abstract: This document specifies Security Policy enforced by the SecureDoc Cryptographic Engine compliant with the requirements of FIPS 140-2
More informationTLS. RFC2246: The TLS Protocol. (c) A. Mariën -
TLS RFC2246: The TLS Protocol What does it achieve? Confidentiality and integrity of the communication Server authentication Eventually: client authentication What is does not do Protect the server Protect
More informationProvisioning secure Identity for Microcontroller based IoT Devices
Provisioning secure Identity for Microcontroller based IoT Devices Mark Schaeffer, Sr. Product Marketing Manager, Security Solutions Synergy IoT Platform Business Division, Renesas Electronics, Inc. May
More informationSecured by RSA Implementation Guide. Last Modified: August 2, 2013
Secure VSA Secured by RSA Implementation Guide Partner Information Last Modified: August 2, 2013 Product Information Partner Name Cloudlink Solutions Web Site http://www.cloudlinktech.com/cloudlink-overview/
More informationParallels Remote Application Server
Parallels Remote Application Server Solutions Guide v16.1 Parallels International GmbH Vordergasse 59 8200 Schaffhausen Switzerland Tel: + 41 52 672 20 30 www.parallels.com Copyright 1999-2017 Parallels
More informationThales nshield Series
RSA Secured Implementation Guide For 3rd Party PKI Applications Last Modified: November 16 th, 2011 Partner Information Product Information Partner Name Thales Web Site www.thales-esecurity.com Product
More informationPAN-OS Integration with SafeNet Luna SA HSM Tech Note PAN-OS 6.0
PAN-OS Integration with SafeNet Luna SA HSM Tech Note PAN-OS 6.0 Revision 1 2014, Palo Alto Networks, Inc. www.paloaltonetworks.com Secure Keys with a SafeNet Luna Hardware Security Module A hardware security
More informationFIPS Non-Proprietary Security Policy
Quantum Corporation Scalar Key Manager Software Version 2.0.1 FIPS 140-2 Non-Proprietary Security Policy Document Version 1.4 Last Update: 2010-11-03 8:43:00 AM 2010 Quantum Corporation. May be freely
More informationImplementing Security in Windows 2003 Network (70-299)
Implementing Security in Windows 2003 Network (70-299) Level 1 Authorization & Authentication 2h 20m 20s 1.1 Group Strategy 1.2 Group Scopes 1.3 Built-in Groups 1.4 System or Special Groups 1.5 Administrating
More informationM2M / IoT Security. Eurotech`s Everyware IoT Security Elements Overview. Robert Andres
M2M / IoT Security Eurotech`s Everyware IoT Security Elements Overview Robert Andres 23. September 2015 The Eurotech IoT Approach : E2E Overview Application Layer Analytics Mining Enterprise Applications
More information