Real Life Enterprise PKI MMS Minnesota 2014 Hasain Alshakarti – TrueSec Enterprise Security #MMSMinnesota #MMSConfigMgr #MMSLove.

Presentation transcript:


Level of protection required?
- Policies & Compliance
- Tiers & Hierarchies
- Key length, Lifetime & Integrity
- Algorithms
- Availability & Recovery
- Revocation Information
- Administration & Roles
- Audit & Monitoring

Key Integrity?
- Offline Hardware Security Module (HSM)
- Least Access & Least Privilege
- Hardened System

Algorithms
- Signing (RSA/DSA/ECC)
- Hashing (SHA1/SHA256)

Tiers & Hierarchies
- Whitepapers & Books
- Requirements
- Policy & Compliance
- Functional
- Organizational

Availability & Recovery
- Functional Availability
- Issuing
- Revocation Information
- Backup

Revocation Information
- PKI Client centric
- Base, delta and overlapping CRL
- OCSP
- Caching
- Validation behavior & usage
- Application oriented

Enterprise vs Standalone CA?
- Trust: Issuer of Authentication Tokens “Golden Ticket”
- Ent CA = DC
- Ent CA Admin = Ent Admin
- Enrollment
- Certificate Templates (AD Objects)
- Auto Enrollment (AD ACE & Templates)

CA Compromise?
- Relying Parties (RP)
