JELLYFISH TRAINING CENTRE

We offer training through several delivery methods, including online demonstration videos and user guides. Our user guides have been designed for administrators. You will get a detailed understanding of the technical elements of integrating identity, credentials, access management, and enabling the creation of automatic workflows. In these videos you will see how simple and easy Jellyfish is to operate, and how it passes data through disparate systems. Jellyfish uses triggers on one platform to impact another, giving administrators more visibility across systems.

View Jellyfish User Guide

ALERTING MODULE

Alerting Module Overview

ANONYMOUS PORTAL

Anonymous Portal Overview

AUDIT MODULE

Audit Module Overview

The Jellyfish Audit module is a useful visualisation tool for auditors and security officers to monitor your organisation’s identity and access records in the Jellyfish system. This information can be used alongside your organisation’s expected identity and access control statistics to determine security vulnerabilities and ensure your organisation’s authentication methods remain secure.

APP MANAGEMENT MODULE

App Management Module Overview

Jellyfish allows customer-specific applications to be integrated into the Jellyfish system, which can be managed through the Jellyfish App Management module.

AUTOMATIC ENROLMENT

Automatic Enrolment (Let's Encrypt)

The LetsEncrypt Proxy feature provides the ability to capture of all certificates issued or renewed from the free LetsEncrypt Certificate Authority, which can be leveraged for globally-trusted external web server certificates. Any issued certificates found by the proxy are sent to Jellyfish, giving you oversight into which LetsEncrypt certificates and domain names are being used within your environment.

The LetsEncrypt Proxy does not interfere with any of the communication between the client and LetsEncrypt services, allowing you to utilise whichever LetsEncrypt client implementation that you desire. In addition, by proxying all traffic through our service, you can ensure that all outbound LetsEncrypt traffic is managed and easily auditable through your network.

The video shows an example Linux server requesting a LetsEncrypt certificate, the creation of the DNS TXT record that LetsEncrypt requires, and the resultant certificate shown in Jellyfish. Behind the scenes, the issued certificate is simply captured by our proxy service and sent over to Jellyfish, all without interfering with the client/server issuance process.

Automatic Enrolment (SCEP)

Autoenrolment module for Linux allows Linux machines to auto enrol and renew digital certificate. The module leverages Simple Certificate Enrolment Protocol and Certmonger to achieve certificate request and enrolment. All certificates issued can be viewed and managed by using Jellyfish management console.

The process uses a few lines of commands which could be combined into server build and config scripts to automatically enrol and configure certificates for webservers and other services running on Linux.

The first part of the video is showing a low privilege user logging into jellyfish then requesting a SCEP certificate for their Linux machine. The video then shows a high privilege user logging in and viewing then approving the user’s request. The original user that requested the certificate is then sent instructions on how to request a certificate on their Linux box.

The second part of the video shows a user requesting a certificate using the instructions sent to them. This also shows a full data dump of the certificate.

Automatic Enrolment (Windows)

Jellyfish’s autoenrolment module for Windows allows auto enroll and renew of digital certificates on Windows machines for both Machine and User certificates including smartcard and virtual smartcard.

Jellyfish’s card management module allows virtual smartcards to be created in managed or unmanaged mode. In managed mode admins have the ability manage the full lifecycle of virtual smartcard like creation, PIN reset, and destruction.

This particular video shows the process of unmanaged virtual smartcard creation and certificate enrolment. All issued certificates can be viewed and managed from Jellyfish’s management console.

Automatic Enrolment (ACME)

Jellyfish agents and servers support the Automatic Certificate Management Environment (ACME) protocol which allows you to automatically enrol and renew digital certificates on HTTP servers.

In using the ACME protocol, you can use your own enterprise certificate authorities without relying on the LetsEncrypt service. Jellyfish ACME support lets you use existing ACME clients without having to publicly expose your servers to the internet.

This video demonstrates the ACME agent performing the digital enrolling of certificates. The video demonstrates the generation of a digital CSR, the validation of HTTP/ DNS for challenge response before submitting the request for the digital certificate, and finally receiving the digital certificate which installs on your device and can be searched for through the Jellyfish system.

Automatic Enrolment (ISS Certificate Binding)

CASB MODULE

Cloud Access Security Brokerage (CASB) Module Overview

Using cloud storage offers an array of benefits, but also introduces several security challenges. These challenges include shadow IT, data theft, the loss of IP, and reduction in productivity through unsanctioned cloud usage. Jellyfish CASB addresses these security challenges by resting on four key pillars: visibility, threat protection, compliance and data security. Watch the video to learn more about how Jellyfish CASB works in action.

CMDB MODULE

Configuration Management Database (CMDB) Module Overview

The Jellyfish Configuration Management Database (CMDB) is an asset management system designed to manage your asset’s lifecycle from purchase to disposal. Your organisation’s assets need to be audited, maintained, and updated, and a system to manage this brings a wide array of short and long-term benefits to your organisation.

For example, keeping track of your organisation’s workstations, their warranties, who is using them, and where they are located can help you make sure your organisation isn’t wasting resources, budget for hardware updates, manage bulk issuances and revocations, and ensure that asset shrinkage doesn’t happen without your knowledge.

Jellyfish’s CMDB helps your organisation keep hardware costs low, improve your organisational efficiency, and prevent and protect against cyber security threats.

CERTIFICATE AGENTS

DigiCert Certificates

This video demonstrates how to request DigiCert certificates from Jellyfish. The request process can be completed through either generate CSR or uploading CSR. The video then also demonstrates how to validate a DigiCert request on Jellyfish.

F5™ Certificates

This video demonstrates the manual creation of a certificate in an F5 device. Jellyfish supports automatic issuance of certificates to F5 devices as well based on factors such as expiry, but this cannot be shown as there is no user interaction required for the fully automatic issuance to occur.

Remedy™ Certificates

This video shows an integration of Jellyfish with BMC Remedy and other BMC products. Through BMC, a request can be submitted directly to Jellyfish (for example, as part of a service request or change), and the signed certificate is returned to BMC for download in BMC.

This integration is flexible as Cogito provides a standard library for deployment into BMC products. This library can be easily installed and subsequently attached to BMC processes, providing standard inputs and outputs for certificate issuance that can be bound to any field or function in BMC.

The video shows an example issuance process with immediate issuance and retrieval of a Web Server certificate, collecting standard certificate attributes with some optional Subject Alternative Names. The issued certificate in this example is delivered to the requestor as a Zip file, with the PKCS#12 format certificate (with both public and private key), a PKIX format certificate, and the original PKCS#10 certificate request that was submitted.

Jellyfish integration can be performed via two approaches: one with immediate approval for pre-approved domains (as shown in the video), and one with additional approval step before issuance. Additional steps can easily be integrated through capturing and utilising the Transaction ID that Jellyfish provides during issuance.

ServiceNow®

To request certificates from Jellyfish through the ServiceNow environment, simply navigate to the Jellyfish application within ServiceNow. From there, request a new certificate, fill in the details required in the issued certificate and the password to protect the file containing the private key, and click Submit. Once the request has been submitted, check back on your request to see the download button enabled. Download the P12 file and install it on your computer or the machine the certificate was intended for.

CERTIFICATE MANAGEMENT

Certificate Management Overview

Jellyfish offers the ability to manage certificates issued from disparate certificate authorities (CAs). Jellyfish offers a single pane of glass, and brings visibility to overlooked certificates, for example those that were not issued by managed CAs. Jellyfish’s Centralised Digital Certificate Management System automates the detection of expired or vulnerable certificates within your network, allowing for full lifecycle management of all existing certificates, regardless of their CA.

SCEP For Linux Certificate Monger

CONTROL ACCESS MODULE

Control Access Module Overview

The Jellyfish Control Access module allows you to manage the integration of your Physical and Logical Access Control Systems (PACS/LACS). Jellyfish allows you to declare Mapping Rules, which define the relationship between your organisation’s users, devices, and access zones.

DISCOVERY MODULE

Discovery Module Overview

The discovery component performs all network discovery and identification of certificates within network segments. Where it is permitted, it will traverse additional network segments to continue discovery. Where not permitted to traverse network segments, additional agents can be deployed to each segment to provide maximum coverage.

EMAIL ENCRYPTION

TaaS SEEMail

TaaS SEEMail is a gateway-to-gateway encrypted email service that provides security and confidentiality for emails sent between participating agencies and trusted partners. Cogito Group’s SEEMail LDAP database stores the public certificates and domain sensitivity levels of SEEMail domains in your organisation. Cogito Group also provides the PKI Infrastructure and the Jellyfish web portal used to issue and publish these certificates to the LDAP Database. Watch this video to learn how to manage your SEEMail certificates through Jellyfish.

Email Encryption (Outlook Desktop)

Email gateway encryption allows organisations to encrypt their emails before it gets stored on the Microsoft server. This video shows how email gateway encryption is applied to the Outlook Desktop App.

Email Encryption (Outlook Web Application)

The Outlook desktop application can also use the email encryption proxy, with no extra setup required. This means that an organisation can easily integrate email encryption into their current O365 services. This video demonstrates sending and receiving emails using the Outlook desktop that is connected to the email encryption proxy, and connected directly to the Microsoft O365 service, and then comparing the outcomes of these events, showing that connecting directly to O365 means that the data is not getting decrypted.

Email Encryption (Outlook Online)

This video shows sending emails, receiving emails, and searching emails using the email encryption proxy Outlook Web App, and compares these operations against the non-proxied Outlook Web App, showing that the data is encrypted when not accessing it through the email encryption proxy.

ENDPOINT SECURITY MODULE

Endpoint Security Module Overview

The connection wireless devices to organisational networks creates attack paths for security threats. Endpoint Protection protects networks that are remotely bridged to devices, such as laptops, mobile phones and tablets. This tutorial shows Jellyfish’s Endpoint Protection capabilities, including: connected clients, outdated clients, and device scans.

IDENTITY MODULE

Identity Module Overview

The Jellyfish Identity module is an identity management system that allows your organisation to keep track of its members and provide strong authentication to ensure users accessing your network are who they claim to be.

The Jellyfish Identity module provides full identity lifecycle management, increases the efficiency of HR workflows, integrates with your PACS and LACS systems, and, when used in combination with the Jellyfish CMDB asset management system, ensures air-tight tracking of your organisation’s assets and improves your overall security posture.

KEY MANAGEMENT MODULE

Key Management Module Overview

Jellyfish provides key management capabilities, ensuring that your keys are generated, stored, and managed in a professional, purpose-built environment. The Jellyfish key management capability ensures your keys remain confidential, generated and stored within FIPS 140-2 Level 3 Hardware Security Modules. Use these keys for encryption or digital signing.

MONITORING MODULE

Monitoring Module Overview

Jellyfish provides monitoring capabilities for it’s in-use servers and the services running on those servers.

JELLYFISH MOBILE APP

Jellyfish Mobile App Overview

The Jellyfish mobile app gives you a wide variety of identity validation tools conveniently stored in your Jellyfish mobile app. Jellyfish mobile allows you to validate your identity to managers or security officers, view your certificates, and view how many desks are available in your organisation’s shared building.

Enabling and Using Multi-Factor Authentication

Jellyfish employs the highest level of security to keep your organisation and your account safe. Watch this video to learn how to enable and use Multi Factor Authentication to secure your Jellyfish account.

Visitor Management System Overview

The Jellyfish Visitor Management System is facilitated through the Jellyfish mobile app. Jellyfish can manage the secure sign in and sign out of visitors to the premises, collects relevant user information, and notifies the visitor’s host of their arrival.

MOBILE DEVICE MANAGEMENT MODULE

Searching Mobile Devices

The mobile device management module includes features to issue a device certificate and search for mobile devices. In this tutorial we demonstrate how to search for a mobile device using the mobile device search page. Any mobile devices that are managed by the product can be easily searched for through this interface.

Issuing Mobile Device Certificate

In this tutorial, we demonstrate how to issue a certificate for a mobile device using the mobile management module. Any mobile devices that are managed by the Jellyfish Mobile Device Management Module can have certificates issued, given the issuer has the appropriate rights.

REPORTING MODULE

Reporting Module Overview

Jellyfish generates live reports for its various services and system capabilities which are viewable through the Reporting module interface.

SEARCH FUNCTION

Jellyish Search Function Overview

The Jellyfish Search function allows users to search for users, devices, roles, organisations, credentials, smartcards, HSM tokens, HSM objects, SIEM audit logs, group policy objects, and visits. The Jellyfish search interface supports complex search queries, allowing you to search using more than one criterion or using multiple logical operators.

SELF SERVICE PORTAL

Self Service Portal Overview

The Jellyfish Self-Service portal provides quick access to a variety of useful tools such as account management, ticketing, password reset, and enabling Multi-Factor Authentication.

SUPPORT MODULE

Support Module Overview

The Jellyfish Support module allows you to raise issues with Cogito Group support staff who can then assist you in investigating and resolving your issue. Add a ticket to let Cogito Group support know about your issue.

SMARTCARD ISSUANCE

Smartcard Issuance Overview

The Smartcard module allows users to request Smartcards, search Smartcards, download batch files, and access batch request reports.

Smartcard Issuance Workflows

Smartcard issuance can be customised based on organisational requirements. Single issuance of Smartcards allows individual users to be selected, and Smartcard requests to be processed individually.

VIEWING INVOICES

Viewing Invoices in Jellyfish

Jellyfish allows you to view your recent invoices through the Jellyfish interface.

VULNERABILITY PROTECTION MODULE

Vulnerability Protection Module Overview

The vulnerability protection module allows users to view what is occurring with their endpoint protection services. This is useful for users needing to monitor their AV and firewall capabilities.

WORKFLOW MODULE

Workflow Module Overview

The workflow module allows users to view pending role approvals, this is useful for users within approval positions, where they may be expected to approve role, group, and other attribute changes to users within the Identity Manager.

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you

Please enter your details to unlock this content

Please enter your details to unlock this content

Access will be granted after your email address is confirmed

Thank you