Skip to main content
banner image
venafi logo

Another Reason to Celebrate this Season: Simplified Usability and SSH Security

Another Reason to Celebrate this Season: Simplified Usability and SSH Security

Making PKI easier for the occasional user
December 13, 2016 | Allen Marin

In keeping with the spirit of the holidays, we have a gift for your overworked PKI teams and their internal customers. We’ve updated the Venafi platform to make it easier for PKI teams to delegate certificate management functions to system administrators. With our enhanced intuitive interface, non-PKI admins can easily and effectively manage certificates for the systems and applications they are responsible for. This frees your PKI teams to focus on higher-level goals such as ensuring that the overall enterprise key and certificate environment remains ultimately secure.  

Today we’re unveiling Venafi Trust Protection Platform 16.4, and we’re as excited about unwrapping the new usability enhancements as we are about new SSH and F5 integration features. This release highlights our commitment to providing our customers with the most advanced key and certificate security while at the same time simplifying management for security novices, like many system and application admins.

As I mentioned in a previous blog, it’s rare to find a system admin who really understands encryption and public key infrastructure (PKI) in depth. Only occasionally do they need to request or renew certificates for their applications and devices.  

But these occasional users are scattered across your IT team managing databases, servers, load balancers, and other network devices that need valid certificates to communicate securely across the network. They’re specialists in keeping their applications online and optimally tuned. PKI is not an area of strength or interest, frankly. With that in mind, we continue to enhance the intuitive usability in the Venafi Trust Protection Platform for occasional users.

In addition to these new usability enhancements, we’re also introducing tighter integration with F5 Big-IP Local Traffic Manager devices.  Here we’re simplifying how F5 administrators can propagate a single certificate to multiple F5 devices, which is going to reduce the time and effort these administrators need to dedicate to managing the security of their load balancers. If you have F5 in your environment, you should really look into this.

Let’s assume that all your F5 devices have certificates. Your PKI team needs to manage and secure these certificates with the same centralized solution that you use for all your other certificates. If you are already a Venafi customer, you’re probably already doing that. If you’re not yet a customer, you should think seriously about getting a handle on the thousands of certificates that may be running amok across your enterprise.

But it’s not just certificates we can help bring under control. We also help manage and secure the throngs of SSH keys across the enterprise. The SSH keys that allow privileged access for your entire IT staff need to be actively monitored for strange or peculiar behavior. Say, for instance, you notice the recent use of a key belonging to a former employee. You should have automated the deletion of that key when the employee left the organization well before it became a potential vulnerability.

Thankfully, we have a solution for bringing all your SSH keys under control, too. And this latest release includes an option to encrypt SSH key material stored in Trust Protection Platform database with Hardware Security Module (HSM)-based symmetric keys. We’re also extending support for our SSH solution to IBM z Systems mainframes.

Yes, there are more features in this release, but we only had room to hit the highlights here. Contact us to learn more about how to better manage and protect your encryption environment.  

Like this blog? We think you will love this.
Featured Blog

Most Common SSH Vulnerabilities & How to Avoid Them

Most common SSH vulnerabilities

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Allen Marin
Allen Marin

Allen Marin writes for Venafi's blog and is an expert in machine identity protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more