|
Back to home page
Virtual Private Networks (VPNs) based on IPSec allows a company to extend their local network to connect branch offices, remote users, business partners and customers via the Internet. However, VPNs (like all other types of networks) are vulnerable to attack by hackers. The IPSec standard enables these networks to be secured providing confidentiality and integrity.
VeriSign Trusted IPSec from BT integrates into such VPNs providing scalability and enhanced authentication. The Trust IPSec service is the ideal solution for efficiently issuing digital certificates to every user and networked device in an enterprise including firewalls, routers and gateways.
Key Benefits and Features
- Control - the administrator controls digital certificate issuance and management
- Easy to deploy - set up quickly without extensive training and configuration. The Managed PKI Control Centre provides intuitive tools for managing certificates
- Scalability - as a business grows, centralised control and reporting, customisable validity periods, and rapid turnaround make it easy to issue all the certificates necessary for devices and clients on a VPN
- Flexibility - adapt certificate enrolment, renewal, or revocation requirements as needed
- Reliability - BT Trust Services high-security operations centre provides certificate processing, back-up systems and customer support
- Managed service - BT Trust Services provides a managed outsourced CA without the need for the Customer to either build the secure location and infrastructure required nor to implement and manage the CA themselves
- World-class technology - Trust Services, based on VeriSign technology, is a recognised leader in developing PKI systems, backed by proven experience.
What is IPSec ?
IPSec, standing for Internet Protocol Security, is a framework of open standards for securing private communications on the Internet. It establishes secure, encrypted communications at the network level between firewalls, routers and remote access devices. The IPSec standard ensures :
- authentication - validating the identities of communicating parties;
- integrity - protecting data from alteration en route; and
- privacy - safeguarding information from interception.
IPSec can use either "shared secret keys" or PKI keys for initiating a secure encrypted communication - but shared secret keys cannot scale beyond a handful of devices. A PKI (Public Key Infrastructure) solution - Trusted IPSec - enables your organisation to easily and quickly issue as many Digital Certificates as your network demands.
Compatibility
Many vendors have implemented certificate lifecycle management components into their VPN gateways, firewalls, routers and desktop clients by employing industry standard protocols. This allows them to work seamlessly with VeriSign Trusted IPSec from BT without having to incorporate and support proprietary, single vendor oriented components into their products. The time to deployment of the highly available infrastructure of Trusted IPSec can be leveraged by vendors using the following protocols : CAPI, CRS, CSR, PKCS 7, PKCS10, PKCS12 and SCEP.
Installation Support
The Trusted IPSec Lite service can be applied for directly from the Trust Services web site, through a web-based service enrolment form. The request would then be authenticated and verified by Trust Services prior to issue. After configuration of the service, IPSec digital certificates can be issued and installed onto network devices such as routers, firewalls and gateways.
Due to the complex nature of network devices, it is strongly recommended that application and installation of the service, as well as IPSec certificates, be carried out by a qualified engineer who is well versed in the technology. If required, additional support for installing IPSec certificates onto devices can be obtained from the device vendor.
|
