Microsoft Active Directory Certificate Services
Manage certificates securely and protect your Public Key Infrastructure
Microsoft Active Directory Certificate Services
Microsoft Active Directory Certificate Services (AD CS), through a server that acts like a certificate authority (CA), provides management of certificates that are essential to Public Key Infrastructure (PKI). By utilizing a network connected Futurex HSM, organizations are able to securely expedite the storage, encryption, and signing of certificates.
Hassle-free integration
Futurex’s solutions are designed for seamless integration and scalable growth. Our simplified integration guide covers how to incorporate an HSM with Microsoft AD CS. Additionally, Futurex technology shares the same Base Architecture Model (BAM), allowing for easy expansions or customizations of existing cryptographic infrastructure.
Benefits at-a-glance
To summarize, Futurex’s support for Microsoft AD CS:
- Seamlessly integrates into existing Public Key Infrastructure
- Increases strength and security of Microsoft solutions
- Eases the burden of regulatory requirements
- Provides FIPS 140-2 Level 3 validated encryption
- Supports a wide range of key character lengths (2048, 3072, or 4096) and hash algorithms (SHA-1, SHA-256, or SHA-512).
3rd-party alerts
With a certificate authority created by Microsoft AD CS, third-party identities can be verified upon receipt of a digitally signed message. Since the CA continues to manage every aspect of the certificate lifecycle, including issuance and revocation, using a compliant hardware security module is essential to establishing a secure, trusted environment.
VirtuCrypt Cloud HSM services
Futurex’s VirtuCrypt cloud grants you access to an innovative set of solutions for encryption, key management, PKI & certificate authority, and much more.
With this service, you can easily create, deploy, and manage virtual HSMs. The VirtuCrypt Intelligence Platform (VIP) provides an intuitive UI with which to centralize cryptographic management across organizational units.
- Automated provisioning of cloud HSMs through VirtuCrypt Intelligence Portal
- Easy migration from legacy on-premises HSMs to cloud HSMs
- User-controlled clustering and high availability
- Services available from worldwide data centers
- 99.999%+ SLA-backed uptime
Robust key ranges
Supports a wide range of key character lengths (2048, 3072, or 4096) and hash algorithms (SHA-1, SHA-256, or SHA-512)
Scalable architecture
Scale with the ability to increase throughput rates without removing the unit from a production environment
Convenient management
Remotely access internal data and logs via the Futurex HSM’ s web-based
management interface
Why incorporate Futurex HSMs?
If organizations utilize Futurex technology to protect CAs, they are backed by cryptographic processors that are compliant with highly rigorous security standards, including FIPS 140-2 Level 3. Futurex HSMs are equipped with physical and logical security measures to ensure security breaches are prevented.
Greater security for certificate authorities
While Microsoft AD CS provides many benefits for your PKI environment as a stand-alone service, hardware security modules (HSMs) fortify the security of your CA keys in a way that software is unable to. Organizations with existing PKIs, by using a HSM to create new keys, tremendously strengthen the integrity and confidentiality of their data.
Microsoft certificate authority abilities
Of the services provided by Microsoft AD CS, the most frequent is the use of the server to act as a CA.
- Revoke certificates through the publishing of certificate revocation lists (CRLs)
- Clarify certificates’ acceptable use policies
- Log certificate requests, issuance, and revocations
- Issue and distribute certificates, which confirm the identity of the owner of a given private key
Want to learn more about Microsoft Active Directory Certificate Services?
Contact a Solutions Architect today or request a demo.
