Insta Certifier features and benefits
Extensive Support for Two-Factor Authentication
Insta Certifier offers different deployment options including
web-based self-enrolment and the use of registration authority
(RA) for rolling out PKI-based two-factor authentication. Thanks
to the standards-based approach, a wide variety of authentication
token and smart card products can be used with Insta Certifier
for secure storage of user private keys.
Integrated Identity Management
The concept of integrated identity management allows the complexity
of PKI to be hidden by integrating the user certificate life-cycle
management into the enterprise identity management process. By
automating registration and revocation operations, HR personnel
and administrators can manage user identities through a single
management console while capitalising on the benefits of PKI.
Multi-CA Hosting
New virtual certification authorities (CAs) with their own set
of certificate policies and configurations are easily created
by a system administrator with a graphical user interface (GUI),
without the need to invest in costly additional hardware. This
powerful feature makes Insta Certifier an ideal platform for hosting
a managed multi-CA service environment. A new CA with its own
policies and administrators can be created in a matter of minutes.
Scalable Architecture
Insta Certifier provides added availability and security by distributing
the front-end PKI services and the Certifier engine on dedicated
hosts in large-scale deployments. PKI enrolment, administration
and publishing can run independently on separate machines.
Flexible Certificate Policy Framework
Insta Certifier adapts to the real-world business requirements
of service providers and enterprises by providing a highly flexible
framework for defining certificate policies and practices.
Support for Multiple Certificate Enrolment Protocols
VPN devices, remote access clients and web browsers are supported
for enrolling certificates with Insta Certifier. Service providers
and enterprises can deploy the PKI effortlessly, as Insta Certifier
does not require the installation of proprietary desktop components
for the end users.
International Character Set Support
Insta Certifier extensively supports the use of UTF-8 character
encoding, which makes the product especially suitable for deployment
in various Asian countries. All Insta Certifier user interfaces
are browser-based, which allows the advanced UTF-8 features of
modern browsers to be used for both data input and output. Also,
thanks to the LDAPv3 support, Insta Certifier can publish UTF-8
content in the directory.
Dual Control and Fine-Grained Separation of Duties
The security of the system can be improved by defining access
control rules for PKI administration and optionally requiring
dual control for most sensitive operations. Different tasks from
user management to CA maintenance and system configuration can
also be given to different administrators.
Flexible LDAP Publishing
Since existing LDAP directories can be freely used regardless
of the directory schema, existing enterprise directories can be
used for publishing certificates and other user data. IT management
becomes easier since there is no need to maintain duplicate data.
OCSP Responder Included
For online revocation data, Insta Certifier includes a built-in
Online Certificate Status Protocol (OCSP) responder. OCSP can
be used to eliminate the risks related to the window of opportunity
of CRLs.
Commercial Database Bundled
Sybase Adaptive Server Anywhere, bundled with the Insta Certifier
installation package, makes installation easier since there is
no need to buy a separate license and install a separate third-party
database. Also, the use of a commercial database allows easy implementation
of backup procedures to ensure quick recovery in case of disk
failure.
Multi-Platform Support
Both the Certifier Engine and the front-end Certifier Servers
can be installed either on HP-UX, Linux, Solaris or Windows. |
Features and benefits 