PKI and key management
Security with keys and certificate
PKI and key management allows building trusted IT infrastructures and guarantee secure communication in highly networked systems. Reliable authentication as well as signing and encryption of data are mandatory for maximum IT security.
Public key infrastructures (PKI) allow to issue, manage and verify digital identities in a secure way.
The ECOS TrustManagementAppliance is a PKI and key management solution securing mobile devices, PCs, servers, processes and other devices in the (I)IoT area.
One PKI for all platforms
Certificate-based security for desktops and mobile end devices
Network and server security
The ECOS security concept for client and server authentication
Industrial security 4.0
Certificates and keys protect man and machine
Techem operates PKI
Techem, the leading service provider for smart and sustainable buildings, relies on securely encrypted data transmission of meter readings and consumption values from millions of buildings.
The ECOS TrustManagementAppliance secures the data traffic for over 52 million wireless data collection devices at Techem
Performance Features:
- Create, renew, revoke certificates
- Certificates, secrets and symmetric keys
- Key length and signature algorithm freely configurable
- Freely definable and assignable metadata
- Automatic certificate renewal
- Classifying and structuring of certificates
- Distributing certificates by LDAP, SCEP, CMC, CST, EST or Windows service
- Refueling or creation of certificates on the smartcard
- Self-service portal for users, helpdesk and administrators
- Secure storage in hardware security module
- Coupling with AD or other metadirectory
- All functions controlled via HTTP API
- Multi-level root- and sub CAs
- Central administration of tenant-specific root CAs
- Integration into existing PKI, as root- or sub CA
- Import interface for public and private certificates
- SNMP interface for the connection of a monitoring system
- syslog interface for the connection of an aggregation tool
- Operation under VMware, Microsoft Hyper-V, other virtualization platforms or dedicated hardware
- Preconfigured ISO image with ECOS Secure Linux and TMA
- Certificate validation via CRL or OCSP
- RADIUS server for IEEE 802.1X authentication
- Support of OTP tokens, software tokens and SMS
- Granular rights assignment by admin interface
- Predefined reports and custom report editor
- Automatic notification system via Active Reports
- Cluster operation, even cross-site