CertM

Organizational Access Management System

  • Automation. Network and CA Scanning – Automatic and Comprehensive
    For detecting all digital certificates on the network (SSL/TLS, SSH, Mobile, WiFi & VPN)
  • Status Management. Certificate expiration alerts and automatic renewal of digital certificates
  • Accessible Display. Centralized display of all digital certificates in the organization on a single screen
  • Monitoring and Management. Filtering, screening, and continuous management of all digital certificates, including: expiration, renewal, suspension, revocation, and more.
  • Display of certificates filtered by CA, up-to-date statistical data, reports, periodical overview, and more.

CertM performs an automatic scanning process and updates the validity of all certificates through a centralized PKI management system:

  • Controls the quantity of certificates present in all organizational systems
  • Reduces reliance on manual error-prone processes, and service/system shutdowns
  • Locates existing certificates and their status

Reduced costs and operating times

Significant failure point neutralization through automatic certificate renewal

Prevents human errors

Continual system scans

Reach out to our sales team

CERTM – System Advantages:

  • Reduced costs and operating times
  • Prevents human errors
  • Central management
  • Automatic certificate renewal (neutralizing a significant failure point)
  • Prevents service shutdowns (enhancing service accessibility)
  • Continual system scans
  • Centralized aggregation of all digital certificates’ data

System Characteristics:

  • Uses digital/automatic processes instead of error-prone manual processes.
  • Ability to detect and view existing certificates and their status
  • Centralized system for managing PKI infrastructures
  • Automation throughout certificate lifecycles
  • Automatic certificate renewal
  • Integration with HSM components
  • Certificate expiration alerts
  • Integration with the organizational CA
  • Integration with international CA providers
 

Automation throughout certificate lifecycles

CA and Network Scanning

  • Network and CA scanning to detect all network digital certificates
  • (SSL/TLS, SSH, Mobile, Kubernetes, WiFi & VPN)
  • Direct scanning via an Enrollment Agent
  • Integrating with Private/Public CAs
  • API for interfacing with third-party systems
  • Integrating with AD
 

Automation

  • Automatic digital certificate renewal
  • Certificate expiration alerts
  • Automated action configuration via API
 

Display

  • All the organization’s digital certificates centralized on a single screen
  • Comprehensive display of all existing digital certificates on the network
  • Comprehensive display of all existing digital certificates on all CAs
  • Current status of every digital certificate throughout its lifecycle
 

Management and Monitoring

  • Digital certificate lifecycle management
  • Search/filter/sort based on required criteria
  • Revocation/suspension of digital certificates
  • Manual/automated management
 

Reporting

  • Digital certificate filtering by CA
  • Filtering based on protocols/ports/devices and more
  • Reports and statistics
  • Alerts and warnings
 

Functionality:

CA and Network Scanning

  • Network scanning and status display of all existing digital certificates (including IIS, Apache, F5, Imperva, GigaMon)
  • Verification of certificates installed on system-linked CAs
  • Automatic search for certificates installed on the organizational network
  • Direct scanning via an Enrollment Agent
  • Certificates catalogued by the components in which they are embedded: protocols, IP addresses, ports, URLs, and more.
 

Monitoring and Alerts

  • Reports and statistics
  • Filtering and screening to generate reports based on required criteria
  • Certificate expiration alerts and warnings, to facilitate timely action
  • Logs collected by monitoring systems through SNMP/SYSLOG
 

HSM Component Integration

  • Secure key storage in a dedicated physical device (HSM) with partitioning capability
  • Key storage for various purposes: SSL, Code Signing, Client Authentication, Docker Container
  • ComSign KSP service on servers/endpoints for communication with the central KSP Server
  • Uses Reference for central HSM
  • Automatic creation of a KDC authentication certificate (for LOGON) from the central HSM using ADCS
 

Central Management

  • Easy-to-use and Intuitive Control Screen (WEB) for management
  • Issues various digital certificates such as SSL, Authentication, etc.
  • Digital certificate creation, configuration, signing, and issuance
  • Display of all network certificates, with advanced filtering options
  • Automatic certificate renewal close to expiration date (configurable)
  • Alerts to system manager (via email/SMS) regarding expiring certificates
  • Revocation/suspension of digital certificates
  • Certificate display/download
  • Full resilience
 

Interfaces:

  • System is On-Prem/SaaS
  • Integrates with several CAs
  • Integrates with organizational CA services (supports MSCA/EJBCA)
  • Integrates with external CA services (DigiCert)
  • Integrates with HSM components (given CSP)
  • Integrates with AD
  • Integrates with data security and monitoring systems
  • Integrates with third-party systems
  • Integrates with external DB
  • REST/SOAP API

Our customers:

Reach out to our sales team