Organizational Access Management System (CertM)

CertM Major features

  • Automation. Automatic and comprehensive network and CA scanning to detect all digital certificates on the network (SSL/TLS, SSH, Mobile, WiFi & VPN)
  • Status Management. Certificate expiration alerts and automatic renewal of digital certificates
  • Accessible Display. Centralized display of all digital certificates in the organization on a single screen
  • Monitoring and Management. Filtering, screening, and continuous management of all digital certificates, including: expiration, renewal, suspension, revocation, and more.
  • Display of certificates filtered by CA, up-to-date statistical data, reports, periodical overview, and more.

CertM performs an automatic scanning process and updates the validity of all certificates through a centralized PKI management system:

  • Controls the quantity of certificates present in all organizational systems
  • Reduces reliance on manual, error-prone processes and reduces service/system shutdowns
  • Locates existing certificates and their status

CERTM – System Advantages:

  • Reduced costs and operating times
  • Prevents human errors
  • Central management
  • Automatic certificate renewal (neutralizing a significant failure point)
  • Prevents service shutdowns (enhancing service accessibility)
  • Continual system scans
  • Centralized aggregation of all digital certificates’ data

System Characteristics:

  • Uses digital/automatic processes instead of error-prone manual processes.
  • Ability to detect and view existing certificates and their status
  • Centralized system for managing PKI infrastructures
  • Automation throughout certificate lifecycles
  • Automatic certificate renewal
  • Integration with HSM components
  • Certificate expiration alerts
  • Integration with the organizational CA
  • Integration with international CA providers
 

Automation throughout certificate lifecycles

CA and Network Scanning

  • Network and CA scanning to detect all network digital certificates (SSL/TLS, SSH, Mobile, Kubernetes, WiFi & VPN)
  • Direct scanning via an Enrollment Agent
  • Integrating with Private/Public CAs
  • API for interfacing with third-party systems
  • Integrating with AD
 

Automation

  • Automatic digital certificate renewal
  • Certificate expiration alerts
  • Automated action configuration via API
 

Display

  • All the organization’s digital certificates centralized on a single screen
  • Comprehensive display of all existing digital certificates on the network
  • Comprehensive display of all existing digital certificates on all CAs
  • Current status of every digital certificate throughout its lifecycle
 

Management and Monitoring

  • Digital certificate lifecycle management
  • Search/filter/sort based on required criteria
  • Revocation/suspension of digital certificates
  • Manual/automated management
 

Reporting

  • Digital certificate filtering by CA
  • Filtering based on protocols/ports/devices and more
  • Reports and statistics
  • Alerts and warnings
 

Functionality:

CA and Network Scanning

  • Network scanning and status display of all existing digital certificates (including IIS, Apache, F5, Imperva, GigaMon)
  • Verification of certificates installed on system-linked CAs
  • Automatic search for certificates installed on the organizational network
  • Direct scanning via an Enrollment Agent
  • Certificates catalogued by the components in which they are embedded: protocols, IP addresses, ports, URLs, and more.
 

Monitoring and Alerts

  • Reports and statistics
  • Filtering and screening to generate reports based on required criteria
  • Certificate expiration alerts and warnings, to facilitate timely action
  • Logs collected by monitoring systems through SNMP/SYSLOG
 

HSM Component Integration

  • Secure key storage in a dedicated physical device (HSM) with partitioning capability
  • Key storage for various purposes: SSL, Code Signing, Client Authentication, Docker Container
  • ComSign KSP service on servers/endpoints for communication with the central KSP Server
  • Uses Reference for central HSM
  • Automatic creation of a KDC authentication certificate (for LOGON) from the central HSM using ADCS
 

Central Management

  • Easy-to-use, intuitive web-based control screen for management
  • Issues various digital certificates such as SSL, Authentication, etc.
  • Digital certificate creation, configuration, signing, and issuance
  • Display of all network certificates, with advanced filtering options
  • Automatic certificate renewal close to expiration date (configurable)
  • Alerts to system manager (via email/SMS) regarding expiring certificates
  • Revocation/suspension of digital certificates
  • Certificate display/download
  • Full resilience
 

Interfaces:

  • System is On-Prem/SaaS
  • Integrates with several CAs
  • Integrates with organizational CA services (supports MSCA/EJBCA)
  • Integrates with external CA services (DigiCert)
  • Integrates with HSM components (given CSP)
  • Integrates with AD
  • Integrates with data security and monitoring systems
  • Integrates with third-party systems
  • Integrates with external DB
  • REST/SOAP API
