Dr. Tom Shinder’s Blog RSS

All Blogs  »  Dr. Tom Shinder's Blog  »  Microsoft Security Space  »  Blog article: Building an Enterprise Root Certification Authority in Small and Medium Businesses

Building an Enterprise Root Certification Authority in Small and Medium Businesses

I notice that a lot of small and midsized businesses do not take advantage of the security benefits of putting together a Public Key Infrastructure or PKI. A PKI allows you to take advantage of digital certificates, which can be used in securing your network in a number of ways. Certificates can be used for IPsec server and domain isolation, can be used to secure your network using NAP with HRA and IPsec enforcement, can be used to secure your email messages, can be used to secure connections to your Web sites, and also can be used to encrypt files on your hard disk. And that’s just a small sample of the things you can do with digital certificates.

However, in order to gain these benefits, you need to setup a PKI. The good news is that it’s really not that hard. I found a great article to get the small and medium sized business admin up to speed on putting together a PKI. As they explain:

“After you complete these steps, your network will include an enterprise root CA and you will have access to all of the certificate templates available by using the Certificate Templates snap-in. In addition, client autoenrollment will strengthen authentication for your wireless users by requiring them to use digital certificates during the authentication process. Autoenrollment can make this requirement virtually transparent to users by enabling them to automatically request certificates, retrieve issued certificates, and renew expiring certificates. You can also broaden the protection the Windows Server 2003 PKI provides to your network by expanding your use of the PKI to support additional applications such as digital signatures, IPSec, and so on, that were mentioned earlier

I think you’ll get a lot out of this article and you’ll learn key PKI concepts without having to deal with the sometimes arcane terminology used in the PKI business. Check it out at:

http://technet.microsoft.com/en-us/library/cc700804.aspx

HTH,

Tom

Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer
Prowess Consulting www.prowessconsulting.com
PROWESS CONSULTING documentation | integration | virtualization
Email: tshinder@isaserver.org
MVP — Forefront Edge Security (ISA/TMG/IAG)

This entry was posted on Tuesday, August 12th, 2008 at 7:53 am and is filed under Microsoft Security Space. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response to “Building an Enterprise Root Certification Authority in Small and Medium Businesses”

  1. Rafal Says:

    August 15th, 2008 at 4:15 am

    ok

Leave a Reply

This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)

You must read and type the 6 chars within 0..9 and A..F, and submit the form.

  

If CAPTCHA image is missing or you cannot read the characters above, please generate a


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center