As security threats become more sophisticated and compliance mandates evolve to keep pace, organizations are tasked with enforcing corporate-wide security policies that manage and secure digital identities.

Founded in 1969, Entrust is a global security leader that focuses on identity, payments and data protection. The company has a large portfolio of software and hardware solutions to meet market demands. Most recently, Entrust announced the release of Security Manager 10, the tenth generation of its Certificate Authority (CA) product which powers public key infrastructure (PKI) deployments worldwide. The Entrust PKI platform delivers on PKI needs ranging from small enterprise deployments to cloud-scale systems. The platform adds native high availability, increased throughput and horizontal scalability that modern certificate authorities (CA) require to support digital enterprise, banking and government organizations.

“Entrust has a rich pedigree in market as a trusted provider of proven certificate solutions,” said Robyn Westervelt, Research Director, Security & Trust at IDC. “The Security Manager 10 platform delivers in meeting the market demand as a comprehensive and high assurance infrastructure for managing and securing digital identities with ease, scale and reliability.”

Security Manager 10: Providing Infrastructure for Security Practice

Many industries and organizations have evolved current infrastructures to deploy end-entity certificates on 20-year and 30-year life spans, skipping or bypassing validation or verification in efforts to ease the burden of management as systems scale. This approach  potentially decreases the value of the credential rather than addressing the core challenges of infrastructure scale out. This causes organizations to run into many life cycle issues: Without the ability to scale out or renew certificates in an automated fashion, operators become entrenched in legacy deployments which may no longer be secure.

With Security Manager 10, organizations can manage their digital keys and certificates to secure user, device and application identities. With a Certificate Authority (CA) and Administrative Services Registration Authority (RA), Entrust Validation Authority (OCSP) and cryptography toolkits for enterprise development and embedded Internet of Things (IoT) use cases, Security Manager 10 provides a complete infrastructure for organizations seeking to establish a scalable security practice backed by digital identities.

The platform offers capabilities to meet industry needs, including:

• High availability: Security Manager 10 native high availability configuration means near-zero downtime when performing an upgrade or should there be an unexpected system failure.
• Increased throughput: With encryption and certificate use continuing to expand, Security Manager 10 allows for capacity to be added on demand without any complex IT software or infrastructure additions or the need to complicate CA hierarchies with Subordinate CAs or additional Issuing CAs – this means more capacity with less complexity
• Horizontal Scalability: The addition of CA Nodes can be done from a command line or through simple server side orchestration scripting. Flexible High Availability (HA) licenses entitles customers to run multi-node configurations out of the box.

“Being able to scale your CA with a few commands on a command line or a few lines of a script, without any proprietary virtualization software or hardware expenses, was a key goal here,” said Jon Ferguson, Director of Product Management at Entrust. “It’s very easy for customers to add another node to a certificate authority now, which gives them extra throughput and seamless failover scenarios, all from one central CA. This means CA certificate propagation and basic management of the infrastructure is greatly simplified.”

Integrations for Certificate Management

Security Manager 10 is fully integrated with Entrust’s PKI-enabled application ecosystem to enable simplified Certificate Management with Entrust Certificate Hub, mobile security from an ecosystem of Mobile Device Management partners, and citizen and government credential issuance, management, and validation while running in high assurance environments.

“Entrust has been continuously evolving our PKI platform for more than 25 years and Security Manager 10 is the evolution of the core technology that has defined the PKI market since 1994,” said Ferguson. “Today’s growing digital enterprise, banking and government organizations require a PKI platform that allows them to manage high-volume certificate issuance without the risk of downtime that could be damaging to their brand. Security Manager 10 provides the trusted infrastructure these organizations need to deliver on brand promises without sacrificing security.”

Recommendations For Credential Management

With a desire to redefine the narrative on identity standards and certificates, Entrust’s Security Manager 10 is one prime example of companies meeting the demands of industries that need authentication and encryption technologies.

“We’re contributing to the standards, trying to make sure that the cryptography behind next-generation solutions is sound and that it is open,” said Ferguson. “As the implications of Post Quantum (PQ) computing on modern crypto are better understood, Entrust has been working with other industry leaders to develop standards and approaches to improve adoption velocity and reduce migration risks.”