eTrust PKI Offers A Reliable Trusted Mechanism for Business Transactions

The new global culture of electronic exchange and networking poses a greater threat of fraud, email eavesdropping and data theft than ever before for both companies and individuals. As businesses continue to open their networks to employees, customers, partners and suppliers, information security becomes increasingly vital. While PKI technology provides a widely accepted standard for ensuring the security of users, data and applications, many commercially available PKI products require extensive customization to integrate with existing IT infrastructure and business processes. Most fall short of providing effective certificate administration across the entire organization, resulting in costly, slow deployment—undermining the effectiveness of PKI implementations.

The Key to Securing Electronic Exchange

eTrust PKI is an easily deployable Public Key Infrastructure solution that delivers strong user authentication and digital certificate management across the entire business infrastructure. It utilizes embedded eTrust Directory and eTrust OCSPro to provide a single vendor solution. In addition, its web enrollment functions reduce administrative responsibilities, allowing an end user to enter information through a web browser. eTrust PKI reduces the security risks associated with the incomplete or faulty administration of certificates while reducing the ongoing cost of Best Practice security operations. It closely integrates with eTrust SSO, eTrust Web Access Control, eTrust OCSPro, eTrust Directory and eTrust Audit security solutions, enabling a business to rapidly incorporate digital certificate technology into its existing environments and helps ensure greater security and privacy for its data. eTrust PKI provides organizations with the following unique benefits:

• Simplified Management. Large user populations can be enrolled in bulk into eTrust PKI. Non-expert staff can easily manage day-today management of new users or revocations through predefined profiles and a simplified management interface.

• Unsurpassed Scalability. eTrust PKI is designed for future growth through its embedded X.500-based policy management repository. It supports multiple Certification Authority and Registration Authority servers for scalability and fault tolerance. In addition, eTrust PKI utilizes the underlying eTrust Directory to allow multiple server operation.

• Streamlined Deployment. eTrust PKI is easy to deploy across an enterprise, with built-in support for desktop deployment that enables certificates to immediately work with leading applications. It can be easily set up and installed, and provides the complete supporting infrastructure—including the directory for certificate and CRL publishing and OCSP responder for real-time validation—right out of the box.

• Integration With Other eTrust Security Solutions. eTrust PKI delivers enhanced user authentication for eTrust SSO to provide secure access to existing applications for employees and extranet users.

Distinctive Functionalities

Easy Installation. eTrust PKI comes out of the box with policy repository, X.500 directory and OCSP responder, and installs in a matter of minutes.

Intuitive Management Interface. Intuitive tools allow administrators to request certificates and revocation for out-of-the-box operation and simplified day-to-day user management. Both local and centralized key generation are supported with optional key backup.

Web Enrollment. This feature provides self-service certificate management—enabling users to request, revoke, renew and recover certificates and key pairs through a standard web browser. These built-in self-service functions improve administration, streamline administrative tasks and lower the cost of ownership.

Out-of-the-Box Integration With Applications. eTrust PKI integrates with many applications including: MS Word; email applications such as MS Outlook and Novell GroupWise; and most Virtual Private Network (VPN) technologies—to secure user communications. In addition, eTrust PKI is open to work with all LDAP-compliant directories for publication of certificate and revocation lists.

Open to Market Standards. eTrust PKI supports PKIX certificates, PKCS#12 key-pair formats, PKCS#11 smart cards and OpenSSL API.

Application Customization. A built-in customer Software Development Kit allows enterprises to develop new applications or enable existing applications with PKI.

Optional Hardware Support. eTrust PKI optionally supports a wide range of smart card devices for user authentication and/or mobility. eTrust PKI also integrates with most hardware key management devices and VPN solutions.