Overview

For years, the Entrust Managed PKI Service has been approved to offer digital certificates to the Federal government under the Shared Service Provider program.

This same technology is available for state and local government agencies, and other non-federal organizations, that require a non-Federal Shared Service Provider PKI solution.

Cross-certified to the Federal Bridge Certification Authority (FBCA), Entrust Managed Services PKI provides non-Federal government agencies specific capabilities, including strong authentication, digital signatures, encryption, secure physical/remote access and more.

Benefits of Cross-Certification with FBCA:

• Secure information exchange with Federal organizations and other members of the Non-Federal SSP environment
• Trust certificates and digital signatures from all certificated agencies
• Authenticate online identities and information
• Build trust with various assurance levels

Features

Non-Federal agencies can quickly secure applications with digital certificates without requiring internal PKI expertise or investment in secure physical facilities. Focus your efforts on maximizing efficiency and offering more products and services securely.

• Cross-certification with the Federal Bridge Certification Authority (FBCA)
• Cross-certified at multiple assurance levels: test, rudimentary, basic, medium, medium-hardware
• Complete range of digital certificates types for:
  • Authentication
  • Encryption
  • Digital signatures
  • Physical and/or logical access
• Clone of the Entrust Federal Shared Service Provider (SSP) PKI; Entrust has issued digital identification (certificates) for more than 300,000 federal employees
• Ability to issue First Responder Authentication Credentials (FRAC), which comply with U.S. Department of Homeland Security mandates for credentials meeting U.S. Federal PIV standards
• Proven success in the HSPD-12 and GSA e-authentication programs
• Key Management Service that securely archives encryption private keys for recovery in the event of loss
• Easily migrate from a stand-alone, customer-branded CA to the same in the non-Federal SSP environment

Why Entrust?

Entrust Managed Services PKI provides a myriad of capabilities to help meet the security challenges of state and local government agencies, contractors and organizations.

Trusted Security for Less. Entrust Managed Services PKI helps reduce the burden on your security budget by eliminating the need for expensive facilities, upfront investments and expert security staff. Predictable costs allow the solution to grow with you — only pay for what you need.

Government-Strength. Entrust's Federal Shared Service Provider (SSP) PKI solution has been proven by countless federal organizations (e.g., HSPD-12) in real-word environments. This same platform can be used by Entrust's Non-Federal Shared Service Provider customers to cross-certify with the FBCA.

Versatile Enrollment. Numerous approaches to enroll community members in a secure, cost-effective manner, including auto-enrollment, batch-loading, self-service, face-to-face enrollment and more.

The Ready-To-Go CA. We provide a highly available CA with intelligent monitoring and near real-time replication between primary and standby disaster recovery facilities to minimize downtime and data loss.

For the Unexpected. The service offers robust data backup, restore capabilities and comprehensive off-site data archiving to minimize data loss and maximize ability to access prior data.

More Value. More Service. Entrust's certificate and security management services provide a number of value-added options.

• Auditor-witnessed key generation/storage/recovery including storage of CA keys in Hardware Security Module (HSM)
• Certificate and certificate revocation list generation and distribution
• Backup and archive, maintenance, software patches, performance fine-tuning
• CA auditing
• Issuance and management of certificates to smart cards/tokens when using a card management system and/or client-side software
• Issuance of certificates capable of being updated automatically to prevent business interruption due to expired certificates
• Automated identity lifecycle management, robust path development and discovery

Related Products

• Entrust Authority, the PKI foundation for encryption, digital signatures and authentication
• Entrust Authority Security Manager, manages the digital keys and certificates within a PKI
• Entrust Authority Optional Components, a collection of six applications that enhance capabilities for a PKI
• Entrust Authority Toolkits, developer tools for rapid deployment of PKI applications
• Entrust Entelligence Security Provider, an enterprise-wide security platform for the deployment of digital identities

Resources

Guides & Instructions

• Administrator Guide
• Web Certificates User Guide
• Getting started with Digital Certificates and Entrust Managed Services PKI
• Getting an End-User Certificate using Entrust Authority^™ Administration Services
• Getting an End-User Certificate using Entrust Entelligence^™ Security Provider
• Using Entrust Certificates with VPN
• How to use: Entrust Managed Services PKI and Distributed OCSP
• How to use: Digital Certificates with Microsoft® Office® and Microsoft® Windows®
• How to use: Digital Certificates with Adobe PDF Files & Forms
• Sample Adobe Form (For Adobe Acrobat/Reader Versions 8.0 or newer)
• Digital Certificate Enrollment Options
• How to use Digital Certificates with WebsphereMQ

Customer Success

• GCN article on State of Illinois

Data Sheets

• Entrust Managed Services PKI: Standard vs. Branded Solution Guide
• Migrating to Entrust Managed Services PKI
• Entrust Managed Services PKI and the Desktop
• Managed Services PKI
• Why you should use certificates with Entrust Entelligence^™ Security Provider
• Why you should care about audits

White Papers

• Managed Services PKI: Success for Less

Quick Links

• What is PKI?