Businesses rely heavily upon SSL/TLS certificates to encrypt data and authenticate systems and applications – both inside and outside the corporate network. The use of keys and certificates will continue to grow as businesses need to ensure appropriate access across servers and applications. In fact, the Ponemon Institute’s 2015 Cost of Failed Trust Report reveals that over the last two years, the number of keys and certificates deployed on network appliances, web servers, and cloud servers grew over 34% to an average of almost 24,000 per enterprise. This leaves enterprise IT environments challenged to secure and keep up with rising key and certificate deployments in the data center.
To ensure successful management of keys and certificates, organizations must gain visibility into every SSL/TLS key and certificate present, including those on network infrastructure solutions such as Application Delivery Controllers (ADCs). When strategically deployed throughout the data center, ADCs enable applications to be highly available, accelerated, and secure. However, most ADCs need to be manually configured to discover thousands of certificates in the network. System administrators need to generate keys and request certificates, as well as oversee installation and configuration. And with so many other network devices like NGFWs, IDS/IPS systems, and servers requiring access to keys and certificates, this process is burdensome and error-prone, and it can allow certificates to expire, which leads to network outages. Manual processes and the lack of a centralized key and certificate management system can limit operational efficiency and also leave gaps in security.
What do you need to do to optimize your ADCs and reduce your SSL/TLS security risk?
A10 Networks and Venafi have partnered to create a joint solution with the A10 Thunder ADC line and Venafi Trust Protection Platform that helps organizations automate the management and security of the entire certificate lifecycle process. Here’s how the Venafi and A10 Networks joint solution can help:
Avoid Outages with Complete Visibility
When digital certificates expire, they disrupt the very systems they were installed to protect. These expirations often stem from a lack of visibility: 54% of enterprises admit to being unaware of how many certificates they have in use, where they are used, and who is responsible for them. Certificate expirations create outages that lower productivity and cause a loss in revenue, profits, and customers.
To avoid certificate expirations and outages, Venafi TrustAuthority detects and monitors all keys and certificates across enterprise networks, the cloud, and multiple CAs. Having complete visibility can also provide a baseline to flag anomalies, policy violations, and misuse.
Enforce Policies and Workflows
Venafi TrustAuthority provides automated workflows for issuance, renewal, installation, and validation to enable rapid, secure deployment of SSL/TLS keys and certificates. These policies and workflows also enable distribution of keys and certificates to your A10 Thunder deployments across the data center.
Automate Management and Security
Venafi TrustForce enables automation with full end-to-end certificate provisioning and lifecycle control for complex ADC and load-balanced encryption environments such as your A10 Thunder ADC deployments. This lifecycle automation for A10 devices includes provisioning processes such as key generation, certificate signing request (CSR) generation, CSR submission, certificate authority (CA) approval, issued certificate retrieval, certificate installation, private key backup, and certificate renewal.