http://www.rt-solutions.de
 
 english   deutsch   


rt-solutions.de - networks you can trust.
homeour servicesaboutnewsclient listcasestudiespartnershipspublicationscontact

casestudies   1   2     3   4   5   6   7   8   9   10   11   12   13   

Introduction of corporate-wide global internal Public Key Infrastructure

Sector
Pharmaceuticals Industry

Project details
Certificate-based security mechanisms are being attributed an ever-growing importance within the modern corporate IT. It is indispensable for many applications that a company can issue and roll out possibly automatically a great number of certificates that are flexible and adapted to its own needs. For a globally operating company with a staff of more than 30.000 people and dozens of corporate sites an internal company PKI, acting as the foundation for a series of security-related application, had to be designed and implemented. The supported applications include:
  • File and Hard disk encryption
  • Encrypted and Signed internal Email
  • IEEE 802.1x for the LAN and WLAN
  • Secure Web-Services
  • VPN
  • Code and Macro Signing
  • Smart Card Authentication
Following a detailed requirements analysis a special customer-customized concept was proposed for the Implementation and worldwide launch of the PKI. This concept had to allow for the following points:
  • Integration and Migration of the existing partial PKI solutions
  • Composition of a corporation-specific Certification Policy (CP/CPS according to RFC 3647)
  • Definition of a CA hierarchy adapted to the corporate organizational structure
  • Full integration with the corporate Active Directory
  • Design of application-specific Certificate Templates
  • Prototypical Implementation and testing of the aforementioned applications
  • Integration into the existing administrational-, management- and backup-structures
  • Role-based Security for the PKI Administration
  • High Reliability and Disaster Recovery Capabilities through appropriate Redundancy and Security strategies
  • Uninterruptible launch and change-over of the Core PKI and individual applications
Time frame and T&M
The Conception and Implementation took place within a period of 9 months with an expense of app. 400 man-days.

Deployed Technologies
  • X.509 Certificates
  • Windows 2003 Server PKI
  • IIS
  • IEEE 802.1x with EAP-TLS and RADIUS
  • Signing and Encryption of MS Office, Outlook and Exchange
  • Authenticode
  • SSL-VPN
  • Smartcards
Result
The project was implemented successfully within the time and budget frames. By means of a professional project proceeding, a consistent implementation of Best Practices while at the same time adapting to company specifics and of extensive tests before the Roll-out a smooth implementation and an uninterruptible migration of the former partial PKI solutions and the applications based on them could be guaranteed. The PKI is today operational and constitutes the solid basis for the step-by-step introduction of other certificate-based applications. With it was successfully implemented one of the as yet largest Microsoft-based PKIs.

Weitere Infos zum Thema

  go to downloads->


Callback

Please contact me:

Company
Last Name*
Telephone number (please include the international prefix)*
E-Mail*
 



©2010 rt-solutions.de GmbH
 digital VCard