VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide
VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide The software described in this book is furnished under a license agreement and may be used only in accordance with the terms of the agreement. Legal Notice Copyright 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE. The Licensed Software and Documentation are deemed to be commercial computer software as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19 "Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in Commercial Computer Software or Commercial Computer Software Documentation", as applicable, and any successor regulations. Any use, modification, reproduction release, performance, display or disclosure of the Licensed Software and Documentation by the U.S. Government shall be solely in accordance with the terms of this Agreement. Symantec Corporation 350 Ellis Street Mountain View, CA 94043 http://www.symantec.com
Managed PKI for SSL and Protection Center This document includes the following topics: About Managed PKI for SSL and Protection Center How Managed PKI for SSL integrates with Protection Center Integrating Managed PKI for SSL with Protection Center About Managed PKI for SSL and Protection Center Managed PKI for SSL lets you issue, renew, revoke, and manage all of your SSL certificates from a single, centralized view. It simplifies management of the entire lifecycle of SSL certificates by letting you issue the certificates to multiple servers instantly and on demand, and track and renew them in real time. Protection Center is a centralized security management application. It enables organizations to identify emerging threats, prioritize tasks, and accelerate time to protection based on relevant actionable intelligence. Protection Center uses a combination of process automation and security intelligence to enable users to remediate incidents and proactively protect key systems and information assets. Protection Center incorporates early warning notifications from the Symantec Global Intelligence Network, which is one of the world s largest commercial cyber-intelligence communities. The integration of Managed PKI for SSL with Protection Center enables Protection Center users to manage certificates more effectively and seamlessly. Protection Center users can pre-purchase, inventory, track, and renew digital certificates,
4 Managed PKI for SSL and Protection Center How Managed PKI for SSL integrates with Protection Center automate the renewal process, maintain control of and delegate administration privileges, and view reports. When you integrate Managed PKI for SSL with Protection Center, you need to configure the integration to meet the requirements of your organization. When you have completed the necessary configuration, you are ready to use Managed PKI for SSL in Protection Center. See How Managed PKI for SSL integrates with Protection Center on page 4. See on page 6. How Managed PKI for SSL integrates with Protection Center Managed PKI for SSL integrates with Protection Center by embedding its console within the Protection Center console. Console integration provides Protection Center users a single view to manage their security products. All users with appropriate rights can navigate seamlessly to the Managed PKI for SSL console from within the Protection Center console and perform specific Managed PKI for SSL tasks. The Protection Center console displays the Managed PKI for SSL console embedded within the HTML iframe. Managed PKI for SSL does not support the Protection Center single sign-on (SSO) mechanism. The authentication is handled by the client certificate that the user is required to install. Users who log in to Protection Center are automatically authenticated when they access the Managed PKI for SSL console. They do not need to re-enter their login details. See About Managed PKI for SSL and Protection Center on page 3. See Integrating Managed PKI for SSL with Protection Center on page 4. Integrating Managed PKI for SSL with Protection Center Managed PKI for SSL needs to be manually integrated before it can start working with Protection Center. The following table describes the process for integrating Managed PKI for SSL with Protection Center.
Managed PKI for SSL and Protection Center Integrating Managed PKI for SSL with Protection Center 5 Table 1-1 Integrating Managed PKI for SSL with Protection Center Step Step 1 Step 2 Task Ensure that your Managed PKI for SSL installation meets the integration requirements. Enable Managed PKI for SSL. Description You need to ensure that your environment meets the requirements for integrating Managed PKI for SSL with Protection Center. See Requirements for integrating Managed PKI for SSL with Protection Center on page 5. You can enable Managed PKI for SSL from the list of available supported products in Protection Center. See Enabling Managed PKI for SSL on page 5. Requirements for integrating Managed PKI for SSL with Protection Center Before you can integrate Managed PKI for SSL with Protection Center, you must ensure that your environment meets the integration requirements. Meeting the integration requirements is a step in the process for integrating Managed PKI for SSL with Protection Center. See Integrating Managed PKI for SSL with Protection Center on page 4. The requirements for integrating Managed PKI for SSL with Protection Center are as follows: Protection Center version 2.0 or later. Your Protection Center user account has permission for managing supported products. You can use the predefined SPC_Admin account. You have a VeriSign client certificate stored and imported into the Web browser on the computer that you are using to access Protection Center. For more information on certificates, visit the Managed PKI for SSL Web page at the following URL: http://www.verisign.com/ssl/buy-ssl-certificates/managed-pki/index.html Enabling Managed PKI for SSL You can enable Managed PKI for SSL directly from the list of available products in Protection Center. This task is a step in the process for integrating Managed PKI for SSL with Protection Center. See Integrating Managed PKI for SSL with Protection Center on page 4.
6 Managed PKI for SSL and Protection Center To enable Managed PKI for SSL 1 In Protection Center, on the Admin menu, click Supported Products. 2 On the product management page, on the Available Supported Products tab, select VeriSign Managed PKI for SSL. 3 Click Enable Supported Web Site. 4 Click Enable. Managed PKI for SSL is added to the Enabled Supported Products tab. Using Managed PKI for SSL in Protection Center After you integrate Managed PKI for SSL with Protection Center, you are ready to use Managed PKI for SSL in Protection Center. Protection Center lets you access the VeriSign Managed PKI for SSL Web portal. See Using the embedded VeriSign Managed PKI for SSL console on page 6. Using the embedded VeriSign Managed PKI for SSL console After you integrate Managed PKI for SSL with Protection Center, you can access the VeriSign Managed PKI for SSL from the product selector drop-down list. Through the embedded Managed PKI for SSL console you can do the following: Manage SSL certificates on all you company's servers through one easy-to-use Web application. Review and approve certificate requests within minutes of receiving them. Simplify SSL certificate management by utilizing a single powerful interface across the entire infrastructure. See Integrating Managed PKI for SSL with Protection Center on page 4. To access Managed PKI for SSL 1 In Protection Center, on the product selector, click the down arrow icon. 2 Click Symantec VeriSign Managed PKI for SSL > Symantec VeriSign MPKI Web Portal. Managed PKI for SSL Control Center opens. Information about Managed PKI for SSL and Protection Center is available from many sources.
Managed PKI for SSL and Protection Center 7 Table 1-2 Item Managed PKI for SSL Web page Description High-level information about VeriSign Managed PKI for SSL and links to documentation and other resources. The VeriSign Managed PKI for SSL page is located on the VeriSign Web site at the following URL: http://www.verisign.com/ssl/buy-ssl-certificates/managed-pki/index.html Protection Center Web page High-level information about Protection Center and links to documentation and other resources. The following documentation is available in PDF or HTML format: Symantec Protection Center Getting Started Guide Symantec Protection Center User Guide Symantec Protection Center Release Notes The page also contains links to the Protection Center Appliance Creator program that is used to create the Protection Center virtual and physical appliances. The Protection Center page is located on the Symantec Web site at the following URL: http://go.symantec.com/protection-center Technical Support Protection Center landing page The page contains quick links to documentation, best practices, troubleshooting, and updates. The Technical Support Protection Center landing page is located at the following URL: http://www.symantec.com/business/support/index?page=landing&key=60247
8 Managed PKI for SSL and Protection Center