Digital certificates secure data and facilitate the authentication of users, mobile devices, computers, servers, and networking devices. Growth in the deployment and adoption of new business applications and corporate networks, has brought additional focus on the need for certificate and use credentials. Next generation solutions are required in order to address new challenges and threats caused by scale and complexity.
Certificate Authority Management
Cogito Group’s Jellyfish offers the ability the manage certificates issued from disparate certificate authorities (CAs). We manage certification from disparate CAs through a single pane of glass, and bring certificates under management that may not previously have been managed, for example certificates that were not issued by managed CAs.
Jellyfish’s PKI certificate management capabilities include:
Hard Token Management
Hard token management refers to managing the complete livecycle of an organisation’s Smartcards and/or USB tokens. Jellyfish communicates with tokens through its single pain of glass interface.
Soft Certificate Management
Soft certificates are stored in a standard registry or file system location on the user’s computer. Then PKI key pairs are generated on the Certificate Authority server end.
Enterprise grade password management is integrated in Jellyfish, through providing secure password protection based on user access rights.
One Time Passwords
Jellyfish provides a mechanism for logging on to a network or service using a unique password which can only be used once.
A Certificate Signing request is encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It contains the public key that will be included in the certificate and generates the private key.
Jellyfish automates certificate renewal for in-use certificates approaching expiry, which prevents outages. No user interaction is required for the fully automatic certificate renewal to occur.
Jellyfish issues Certificate Revocation Lists (CRLs) and makes CRLs available to view for ease of auditing and compliance.
Jellyfish enables users to view pending role approvals, this is useful for users within approval positions, where they may be expected to approve role, group, and other attribute changes to users.
Managing number of Certificates Issued
All certificates issued can be viewed and managed by using Jellyfish management console, regardless of which certificate agent they were issued through.
Viewing who or what the Certificate was Issued To
Through the use of optional additional search terms and logical operators you can quickly gain accurate dataa across user, device and certificate bases.
Active Directory Certificate Management Services
Jellyfish provides a platform for issuing and managing Mircosoft Active Directory PKI certificates. Integration which active directory ensures the authentication of computer, user, or device accounts on a network.
Industry Certificate Management
Jellyfish provides Certificate Management for certificates issued from a customer premise Microsoft Certificate Authority. Integrating wtih industry CAs means that you can utilise the management capabilities of Jellyfish without replacing current systems.
Certificate Authority Lifespans
Certificate Authority (CA) lifespan for Root CAs are typically set at 10 years. This is a reasonable lifespan. However, the functionality of CA configuration is impacted by the lifespans of the Policy and Issuing CAs.
A lifespan of 5 years for the Issuing CA is short by industry standards, but is suitable for the Issuing CA. A lifespan of 5 years for at Policy CA level in non-functional (as shown in the Unpreferred Certificate Authority Lifespan graphic). It is recommended that the lifespan of a Policy CA be made 10 years and that the Root CA remain at 10 years while Issuing CAs remain at 5 years (as shown in the Preferred Certificate Authority Lifespan graphic).
Want to Learn More about Jellyfish?
AU: +61 2 6140 4494
NZ: +64 4909 7580
Auckland | Brisbane | Canberra
London | Melbourne | Sydney
Wellington | Washington DC