Microsoft Active Directory Certificate Services
Manage certificates securely and protect your Public Key Infrastructure
Microsoft Active Directory Certificate Services (AD CS), through a server that acts like a certificate authority (CA), provides management of certificates that are essential to Public Key Infrastructure (PKI). By utilizing a network connected Futurex HSM, organizations are able to securely expedite the storage, encryption, and signing of certificates.
Futurex’s solutions are designed for seamless integration and scalable growth. Our simplified integration guide covers how to incorporate an HSM with Microsoft AD CS. Additionally, Futurex technology shares the same Base Architecture Model (BAM), allowing for easy expansions or customizations of existing cryptographic infrastructure.
To summarize, Futurex’s support for Microsoft AD CS:
With a certificate authority created by Microsoft AD CS, third-party identities can be verified upon receipt of a digitally signed message. Since the CA continues to manage every aspect of the certificate lifecycle, including issuance and revocation, using a compliant hardware security module is essential to establishing a secure, trusted environment.
Futurex’s VirtuCrypt cloud grants you access to an innovative set of solutions for encryption, key management, PKI & certificate authority, and much more.
With this service, you can easily create, deploy, and manage virtual HSMs. The VirtuCrypt Intelligence Platform (VIP) provides an intuitive UI with which to centralize cryptographic management across organizational units.
Supports a wide range of key character lengths (2048, 3072, or 4096) and hash algorithms (SHA-1, SHA-256, or SHA-512)
Scale with the ability to increase throughput rates without removing the unit from a production environment
Remotely access internal data and logs via the Futurex HSM’ s web-based
If organizations utilize Futurex technology to protect CAs, they are backed by cryptographic processors that are compliant with highly rigorous security standards, including FIPS 140-2 Level 3. Futurex HSMs are equipped with physical and logical security measures to ensure security breaches are prevented.
While Microsoft AD CS provides many benefits for your PKI environment as a stand-alone service, hardware security modules (HSMs) fortify the security of your CA keys in a way that software is unable to. Organizations with existing PKIs, by using a HSM to create new keys, tremendously strengthen the integrity and confidentiality of their data.
Of the services provided by Microsoft AD CS, the most frequent is the use of the server to act as a CA.