Reducing Risk Through Effective Certificate Management Dave Corbett Technical Product Manager 1
Enterprise Challenges for SSL Management Certificate Expiry & Misconfiguration Certificates Not Secure/Compliant Certificate Management Costs 2
Google 3
4
5
twitter 6
7
8
INTERNAL APPLICATIONS Expired & Misconfigured Certificates Drive Costs, Losses & Brand Damage LOST PRODUCTIVITY MISSED SALES OPPORTUNITIES CALLS TO TECH SUPPORT EXTERNAL APPLICATIONS DEFECTION TO COMPETITORS DAMAGE TO BRAND AND CREDIBILITY USERS TRAINED TO IGNORE WARNINGS CALLS TO CUSTOMER SUPPORT 9
SSL Security Concerns 10
Secure SSL NIST & CA/B Forum Recommendations All certificates after 2013 must have public key size 2048 bits All certificates after 2013 must use SHA1, SHA- 256, SHA-384 or SHA-512 Digest Algorithm (hashing) 11
Certificate Management Costs Direct Costs Operational Costs $ Too Many Certificate Authorities Certificate Inventory $ Over-budgeting Certificate Renewal 12
SSL Management Solutions Problem Solution Certificate Expiry & Misconfiguration Certificates Not Secure/Compliant Too Many Certificate Authorities Complete Visibility Over-budgeting Certificate Inventory Certificate Renewal Process Automation 13
Symantec Certificate Intelligence Center Discover, Track and Automate SSL Certificate lifecycle Automation Avoid painful, multi-step process to renew, transfer and install a certificate Consolidate to Symantec certificates Auto-discover supported applications Eliminate human error and installation overhead Discovery and Business Continuity Highly optimized discovery of SSL certificates Scheduled and on-demand discovery capabilities Rich reporting functionality Notification capabilities 14
Symantec Certificate Intelligence Center Architecture 15
Symantec Certificate Intelligence Center SSL Asset Visibility 16
17
18
CIC Certificate Renewal/Transfer Automation CIC Server Agent 19
CIC Certificate Renewal/Transfer Server Automation Flow CIC Server Agent 20
Key Features Automated Renewal and Upgrade
CIC for Mobile 22
Thank you! Dave Corbett Dave_corbett@symantec.com Copyright 2012 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice. 23