Trust, but validate.
Lost or stolen laptops, mobile phones, or smart cards pose a high-security risk for companies, as cryptographic keys on these devices can lead to misuse. To prevent misuse, it must be possible to validate digital certificates in real-time, and revocation should be as fast as possible. However, the increasing number of web applications and secure communication channels in companies make the real-time validation of certificates challenging. primeid VALIDATE offers a secure and scalable high-performance solution to request revocation information in real-time.
primeid VALIDATE offers a secure, robust, and scalable solution to retrieve revocation information of digital certificates in real-time. Certificate status changes are immediately and in real-time transmitted to the primeid VALIDATE Server. All corporation-relevant certificates are also backed up on this server, ensuring disaster recovery and business continuity. Relevant cryptographic keys are stored in hardware security modules (HSMs), providing the highest security and transaction rates of >950 requests per second per node. The primeid VALIDATE Proxy enables advanced network zone architecture as well as the pre-validation of request and caching mechanisms.
VALIDATION OF X.509 CORPORATE CERTIFICATES
Revocation information must be available for every X.509 certificate. primeid VALIDATE is a simple, efficient, and secure solution to request revocation information in real-time.
REVOCATION OF COMPROMISED KEYS
If keys have been compromised, the corresponding certificate must be revoked as soon as possible. primeid VALIDATE offers a solution to prevent the further use of lost or stolen certificates and keys.
- Retrieval of revocation information in real-time
- Cluster operation with data replication on every node
- Load balancing and scalability
- Appliance solution for easy installation and extensibility
- Support of network- and PCIe HSMs (in hardware appliance)
- Available as a physical and virtual appliance
- primeid VALIDATE Admin to manage nodes, configuration, and certificates
- primeid VALIDATE Monitor for statistical analysis (load, usage of certificates, etc.)
- Connectivity to external monitoring systems (e.g. SNMP)
- Detailed logging, enabling individual reporting and analysis (external tool support)
- Toolset for easy migration and initial import at the initial operation
- primeid VALIDATE proxy for pre-validation of requests and establishing network zone separation
Any questions? Need more information? Contact us.