On January 19, 2021, GlobalSign announced the release of AEG 6.4, a new version of the Auto Enrollment Gateway , along with which a small but unique program is presented: a cross-platform agent for automatically issuing and managing certificates for Windows, Mac OS and Linux. The company claims this is the first such offering from any certification authority in the world.
Registration agent
Cross Platform Enrollment Agent is a small program that installs on a device and uses the ACME or SCEP protocol to communicate with the AEG. In many cases, the agent will also enforce certain industry rules or national regulations. In addition, the agent removes the barriers to S / MIME as it runs on any platform and operating system, which also improves scalability. For example, if an employee leaves the company, his keys are automatically archived.
Enrollment Agent is easily installed on any Windows, macOS and Linux client or server. The utility helps you set and manage your certificate management policies through AEG's intuitive dashboard.
In addition, the agent automatically issues and monitors certificates. It is a superbly scalable method for deploying certificates to devices, machines, S / MIME clients, and servers in an organization.
βInstalling agents on their endpoints gives the organization more reach and control over its entire network,β saysLeela Key is the CEO of Americas Operations at GlobalSign. βIt also means that users and administrators no longer have to rely on complex certificate enrollment methods, ultimately improving certificate management. We really put the final point in automating this process. AEG 6.4 is ideal for organizations looking to start or optimize telecommuting, secure BYOD networks and automate PKI functions that consume time and resources in manual management. β
What is Auto Enrollment Gateway
Auto Enrollment Gateway is a fully automated PKI solution that integrates PKI directly with Active Directory so that in a Windows environment, you can automate certificate issuance and management without having to maintain your own CA. Support for SCEP and ACME v2 extends certificate usage beyond the Windows domain, allowing you to automate certification for Linux servers, mobile, network, and other devices.
By outsourcing encryption and certificate management services to a trusted CA, the company mitigates the risks associated with managing and maintaining its own PKI infrastructure.
If public trusted certificates are required (for example, to send encrypted or electronically signed emails outside the company), you can obtain such a certificate not through the private root CA, but through the public trusted root GlobalSign CA.
When applying for a certificate, the private key is securely sent to a dedicated local server and archived on it. Key archiving and recovery is critical when using the S / MIME protocol and helps to avoid permanent loss of encrypted data if the original encryption key is no longer available.
In general, for many companies, AEG is a more secure and convenient solution than running their own CA. Having your own CA is ultimately very expensive when you factor in specialist salaries and server maintenance. At the same time, AEG automates the issuance and maintenance of certificates of all types, including:
- Logging in with smart cards
- Electronic signatures in Microsoft Office documents,
- Code Signing
- Email protection
- SSL / TLS
- Encrypted File System (EFS) file-level data encryption in operating systems
- User Authentication
- Device authentication
- Mobile Authentication
- etc.
AEG Gateway is ideal for any company with more than 500 employees and / or devices , or anyone using Microsoft Active Directory. PKI management and automation are especially in demand in the current environment, which requires employees to work remotely.
AEG 6.4 also implements the security options that companies now need: S / MIME for secure email, remote network authentication, and tools to manage it all. This reduces the burden on the IT department, saves time and money of resources, and significantly increases the level of company security.