Certificate Management

Cogito Group’s Jellyfish® product has been designed to manage your certificates and address the complexities of emerging threats within the evolving cyber security landscape.

Certificate Authority Management

Certificate Management Fact Sheet

Cogito Group’s Jellyfish offers the ability to manage certificates issued from disparate certificate authorities (CAs). Jellyfish offers a single pane of glass, and brings visibility to overlooked certificates, for example those that were not issued by managed CAs.

Jellyfish PKI certificate management capabilities include:

Hard Token Management

Hard token management refers to managing the complete lifecycle of an organisation’s Smartcards and/or USB tokens. Jellyfish communicates with these tokens through its single pane of glass interface.

Soft Certificate Management

Soft certificates are stored in a standard registry or file system location on the user’s computer. Then PKI key pairs are generated on the Certificate Authority server end.

Password Management

Jellyfish creates an environment where enterprise-grade password management can be integrated, providing secure password protection based on user access rights.

One Time Password

Jellyfish provides a mechanism for logging on to a network or service using a unique password which can only be used once.

Requesting Certificates

A Certificate Signing request is encoded text that is given to a Certificate Authority when applying for an SSL Certificate. It contains the public key that will be included in the certificate and generates the private key.

Certificates Expiring

Jellyfish automates certificate renewal for in-use certificates approaching expiry, which prevents outages. No user interaction is required for the fully automatic certificate renewal to occur.

Viewing Revocations

Jellyfish issues Certificate Revocation Lists (CRLs) and makes CRLs available to view for ease regarding auditing and compliance.

Managing Approvals

Jellyfish enables users to view pending role approvals, this is useful for users within approval positions, where they may be expected to approve role, group, and other attribute changes to users.

Managing Number of Certificates Issued

Jellyfish capabilities include the viewing and management of all certificates, regardless of the agent they were issued through.

Full Certificate Management Visibility

Through the use of optional additional search terms and logical operators you can quickly gain accurate data across user, device and certificate bases.

Active Directory Certificate Management Services

Jellyfish provides a platform for issuing and managing Microsoft Active Directory PKI certificates. Integration with active directory ensures the authentication of computer, user, or device accounts on a network.

Industry Certificate Management

Jellyfish provides Certificate Management for certificates issued from a customer premises Microsoft Certificate Authority. Integrating with industry CAs means that you can utilise the management capabilities of Jellyfish without replacing current systems.

Certificate Authority Lifespans

Certificate Authority (CA) lifespan for Root CAs are typically set at 10 years. This is a reasonable lifespan. However, the functionality of CA configuration is impacted by the lifespans of the Policy and Issuing CAs.

A lifespan of 5 years for the Issuing CA is short by industry standards but is suitable for the Issuing CA. A lifespan of 5 years for a Policy CA level is non-functional (as shown in the Unpreferred Certificate Authority Lifespan graphic). It is recommended that the lifespan of a Policy CA be made 10 years and that the Root CA remain at 10 years while Issuing CAs remain at 5 years (as shown in the Preferred Certificate Authority Lifespan graphic).