Microsoft Internet Information Services (IIS) for Windows Server is a Web server application. nShield Hardware Security Modules (HSMs) integrate with IIS 10.0 to provide key protection with FIPS-certified hardware.
Entrust Sigma ID Card Printers are specifically designed for today’s cloud environments and give you the ability to easily issue secure identities.
Entrust provides a holistic solution for digital onboarding, credential issuance, and identity verification to enable seamless and secure digital government service delivery.
This guide provides instructions for integrating an nShield HSM with Microsoft Active Directory Certificate Services (AD CS), Online Certificate Status Protocol (OCSP), and Microsoft Windows Server 2019 and Microsoft Windows Server 2016 (Standard, Datacenter, and Server Core editions).
This document describes the integration of Microsoft Azure Key Vault Bring Your Own Key (referred to as Azure BYOK in this guide) with the Entrust KeyControl Key Management Solution (KMS).
You can integrate Microsoft 365 with a Entrust Time Stamp Option Pack to permit theuse of time stamping to seal documents. The Entrust Time Stamp Option Pack is referred to in this guide as Time Stamp Server (TSS).
Always Encrypted is a feature in Windows SQL Server 2019 designed to protect sensitive data both at rest and in flight between an on-premises client application server and Azure or SQL Server database(s). Data protected by Always Encrypted remains in an encrypted state until it has reached the on–premises client application server, this effectively mitigates man in the middle attacks and provides assurances against unauthorized activity from rogue DBAs or admins with access to Azure/SQL server Databases. Always Encrypted was designed to be used in conjunction with Transparent Data Encryption (TDE) however; TDE is NOT a requisite for implementing Always Encrypted.
This guide describes the integration of Microsoft Internet Information Services (IIS) for Windows Server with Entrust nShield® hardware security modules (HSMs). The integration of the nShield HSMs with IIS provides full key life-cycle management with FIPS-certified hardware and reduces the cryptographic load on the host server CPU.
This document describes how to integrate the Microsoft Network Device Enrollment Service (NDES) with the Entrust nShield hardware security module (HSM) as a Root of Trust for storage encryption, to protect the private keys and meet FIPS 140-2 Level 2 or Level 3.
This guide covers integration of the Host Guardian Service (HGS) role included in Microsoft Windows Server 2019 with the Entrust range of Hardware Security Modules (HSMs). The HGS can only be configured on Windows Server 2019 Standard or Datacenter; the HGS role is not supported on Nano Server or other versions of the Windows operating system.