PKI is Alive and Well: The Symantec Managed PKI Service


PKI is Alive and Well: The Symantec Managed PKI Service
Marty Jost, Product Marketing, User Authentication
Lance Handorf, Technical Enablement, PKI Solutions

Agenda
1. PKI Background: Problems and Solutions
2. Symantec Managed PKI: Customer Use Cases
3. Demonstration

Initial PKI Use Fueled by Business Migration to Internet
- Enable growth and remain competitive
  - Cost cutting drives more businesses to online model
  - Competitive necessity
  - Non-repudiation an essential element of e-commerce
- Manage risk to assets and brand
  - Protect public image
  - High value targets
  - Hacker profiles evolving from attention seekers to organized sponsorship
- Failure to enable = loss of agility
- Public security breaches = lost customer confidence

Business Related Authentication: Verify the organization you are doing business with
- SSL Use Case
  - SSL technology authenticates the web site
  - Web site identity verified as part of cert issuance
  - Relies on CA root certificates embedded in browsers
  - Most common use cases implement passwords for client authentication to site
  - SSL web site certificate used to encrypt information during online session
- Code Signing Use Case
  - Identifies the code signing developer
  - Provides virtual shrink wrap to ensure code is not altered after signing

Digital Certificates Have Additional Versatility: Validate users and user data
- Digital Signatures: strengthen integrity and audit potential of electronic transactions

What Exactly Is a User or Device Certificate?
- A digital identity
  - File conforming to a standard (X.509, PEM, etc.)
- Strength comes from public-key crypto
  - Keys commonly 1024 bit
  - Increasingly 2048 bit
  - Stored on user device (or a smart card)
- Contains some required information
  - User or device name
  - Public key
  - Hash of itself
  - Signature of issuing authority
- Customizable through metadata
  - Extension fields
  - Customer-specific information
Symantec Confidential Do Not Distribute

Symantec Strong Authentication Solutions: Flexible, diverse technology for broad customer requirements
- Symantec Managed PKI Service: Device and User Certificates
- Validation and Identity Protection Service: Multiple Credential Form Factors (OTP or Risk-based)
- Symantec O3: Authorization gateway to cloud, Single Sign-on
- Stored on disk or token
- Available in hardware or software
- Symantec Web-based Management
- Symantec Cloud-based Authentication Infrastructure
Risk-based Authentication

Agenda
1. PKI Background: Problems and Solutions
2. Symantec Managed PKI: Customer Use Cases
3. Demonstration

Symantec Enterprise Customers Use PKI as an Enabler: Improve Business Agility and Business Processes
- Mobility to create a flexible workforce
- Supply chain integration for better collaboration
- Comply with business ecosystem requirements

Symantec Managed PKI Solution: Out of Box Support for Multiple Use Cases
- Infrastructure Authentication: Transparent WiFi, EAP-enabled wired switch, or Mobile Device Mgmt
- Document Signing: Digital signatures for Adobe PDF, MS Office and others
- Secure Remote Access: Strong authentication to networks via VPN
- Secure Email: Digitally signed, encrypted email communications
- Strong Web Authentication: Authenticate to web apps via a browser
- Other Initiatives: Multi-use Smart Cards (HSPD 12/PIV), Healthcare Information Exchange (HIE)

How Do You Manage Certificates?
One option is to self-manage with readily available PKI tools
- Certificate Software & Hardware
- Microsoft &%$#!
- Not always Multi-platform?
- Not easy to use
- Will it Scale?
Symantec Managed PKI Service Solution Overview

Other Requirements for Trusted PKI
- Policy & Practices
- Security Services and key recovery
- Secure Infrastructure
- Application Integration
- Certificate Software & Hardware
- Service Availability
- Risk and Liability Management
- Application Consulting
- User Support
Hardware and software are just one piece of the puzzle.
A PKI requires: technology, people, facilities, policy, procedures, and integration

Symantec Managed PKI Is a Full-Service Platform
- Turnkey system: customer just provides administrator
  - Systems
  - Best Practices
  - Redundancy
- Everything is built in
  - Root of Trust (global)
  - Validation
  - Management roles
  - Tools
  - Workflow
  - Key Recovery
  - Reporting
  - Etc.

Symantec Managed PKI Advantages
Build Your Own vs. Managed PKI Service
- Build Your Own: PKI Software; Servers; Trained PKI Expert; Secure Facility; Software and System Maintenance; Backup and Recovery; Administration, monitoring and auditing
- Managed PKI Service: Your PKI Administrator
- Operational costs can soon exceed even free software benefits
- Much faster to deploy
- Won't be hurt by employee departure
- Lower total cost of ownership (TCO)
  - No infrastructure capital investment
  - No maintenance
  - Ease of use
- Leverage operational excellence
  - Secure, audited operations
  - High Availability (HA) and high capacity
  - 24/7 support and binding SLAs
  - Certifications and accredited policy

Flexible Topology Options: Decide or change at any point
- Cloud PKI Infrastructure
- All-Inclusive Infrastructure
- Unified Administration
- Supports Common Use Cases
- Client-Enabled
- Cloud PKI Enterprise Gateway
- Directory-Driven Automation
- Local Registration Authority
- Native OS PKI Compatibility
- Hybrid
- Clientless

Client vs. Client-less: Easier to Manage, Simpler to Use
- Client-Enabled
- Both client-less and client provide:
  - Browser-agnostic enrollment
  - SCEP enrollment by Apple iOS
- PKI client software
  - Application auto-configuration
  - Automatic certificate renewal
  - Client-side updates possible via enterprise software management system

Pre-Provisioning Capabilities Speed Time to Value
- Backend and site setup
- Certificate policy
- Format and metadata
- Web Gateway Configuration
- Enrollment method and authentication
- Certificate store
- Trust policy, system, and user provisioning
- Cryptographic algorithms
- Content for customized web pages
- Security Level (PIN required?)

Templatized Approach Simplifies Certificate Provisioning
- Step-by-step guidance
- Pre-defined where practical
- Use anytime: initial deployment or expansion

Simple to Customize for Client, HSMs and Other Options

Advanced End-point Automation
Certificate requested. Now what?
- Auto-enable applications to use
  - Browsers (IE, Firefox, etc.)
  - Email
  - VPN
  - Adobe
  - WiFi
- Publish to directory
- Transparent renewal

Excellent Integration with iOS and Mobile Management
Best PKI support of Simple Certificate Enrollment Protocol (SCEP)
1) Direct Enrollment
- Direct Enrollment requires no MDM server and uses built-in features of Apple iOS providing certificate-related features
- MDM Enrollment acts as a proxy and provides a superset of features available through the MDM provider

"Organizations should focus on minimizing complexity and remembering the business reasons for using public-key technology."
Eric Ouellet et al., Factors Impacting PKI and PKO Insourcing and Outsourcing, Gartner, 2010

Demonstration

[Diagram: MPKI enrollment flow. Labels: Symantec Cloud Managed PKI, PKI Administrator, Enrollment code, Internet, PKI Manager, Certificate Services, SCEP Server, Web Services, Tablet User, VPN. Legend: enrollment link; SCEP request & VPN profile; certificate.]

Questions?

Thank you!
Copyright 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.