Entrust Authority Security Manager Proxy

Features and Benefits

Entrust Authority Security Manager Proxy working with Entrust products, facilitates communication and deployment of a certification authority (CA). Specifically, the Security Manager Proxy makes it possible for all communication with the Entrust Authority products to be conducted over standard firewall friendly protocols, i.e. HTTP and TLS.

The product consists of a client-server architecture where requests to communicate to various back-end infrastructure servers are sent to the client component and wrapped in HTTP and/or TLS and sent to the server component. The server component unwraps the requests and sends them to the specific back-end infrastructure server.

The Security Manager Proxy software:

  • Facilitates Communication with the CA — The Security Manager Proxy facilitates the communication between the client and various back-end corporate infrastructure servers in standard Internet protocols. Many customers operate a Certificate Authority from a central location and have several applications communicating with that CA over the Internet. The Security Manager Proxy eliminates the need to open extra ports in a firewall by communicating with the Certificate Authority using standard Internet protocols.
  • Provides Support for Standard Internet Protocols (HTTP and TLS) — The Security Manager Proxy provides a generic mechanism to allow Entrust products to travel over well-known and supported protocols (HTTP and TLS) on any port in order to pass through firewalls. This generic mechanism increases flexibility so that customers can use Entrust products without adding to existing firewall configuration concerns.
  • Enables Trusted Service Providers — Trusted Service Providers can operate a Certificate Authority over the Internet with minimal changes to their firewall policies or that of their customers. This accelerates a Service Providers time to market with more services.
  • Enables Customers to Deploy — Entrust from a central location without requiring that they circumvent their existing security policy including changes to firewall ports or authentication.
  • Provides Filtering — The Security Manager Proxy software can be configured as a filter so that packets that are not recognized are blocked from gaining access to the CA.
  • Enables Secure LDAP communication — Secure LDAP communications between Entrust products and LDAP Directories. Communications between the client side proxy and server side proxy can be protected with Transport Layer Security (TLS). This enables customers to locate Entrust Administrative clients remotely and have them communicate with back end servers via the Internet without sending username and password in the clear.
  • Provides Additional protection of the Certificate Authority — By preventing Denial of Service and overload by controlling the number of concurrent sessions by validating packets before they are transmitted from the client side proxy and after they are received at the server side proxy. Both the original communication message and the message after transit through http firewalls and proxies are validated.

Learn more about how the Security Manager Proxy works and which platforms are supported.

Contact us to place an order.