Follow Managed PKI on Twitter @SymantecMPKI
Symantec would like to announce the release of Managed PKI Service v8.8, which includes support for the newest platforms and browsers, local key escrow and recovery service, and features to address evolving NIST guidelines.
Summary of New Features:
- Support for heterogeneous environments
- New platforms and browsers (IE 10 on Windows 8 platforms; PKI Client support for Windows Vista 64-bit)
- Automate the enrollment process for MAC environments
- Key Management Enhancements
- Local key escrow and recovery service
- Support for evolving NIST standards with ECC based keys
- Support for WiMAX and DOCSIS certificates
- General user interface enhancements improve Administrator experience
Support for heterogeneous environments
New platforms and browsers: We recognize that the majority of your environments are heterogeneous with rapidly changing versions of operating systems and browsers, which makes staying current one of our top priorities. To support the latest Microsoft Windows environments, we have added support for certificates enrolled through Internet Explorer 10 browsers on Windows 8 platforms. In addition, to address customer demands, PKI Client now supports Windows Vista 64-bit.
Automate the enrollment process for MAC environments: For Apple MAC platforms, PKI Client Auto Enrollment is now available, providing a transparent and seamless user experience when issuing certificates for end users on machines that are joined to a Windows domain. Managed PKI Service and PKI Client provide full lifecycle support including auto enrollment, making the process transparent for the user - across heterogeneous platform (Windows, MAC, Android, and iOS) and browser environments.
Key Management Enhancements
Local key escrow and recovery service: The local key escrow and recovery service features are currently available in the legacy Managed PKI Service and for Trust Center customers. This valuable functionality has now been added to Managed PKI Service 8.8. With it we allow you to escrow your users’ private keys and recover them in the event they are lost. You can store your user’s private keys in a user store at their enterprise location; however this does require an installation of PKI Enterprise Gateway. Key escrow and recovery can be managed through PKI Manager or through PKI Web Services.
Key Signing: Another enhancement that brings Managed PKI 8.8 in parity with the legacy Managed PKI Service is the addition of the following signing and encryption algorithms:
- SHA1 with RSA encryption
- SHA256 with RSA encryption
Symantec Managed PKI Service strives to support evolving NIST standards, provide the most comprehensive support for all platforms and devices, and is dedicated to obtaining the best performance possible. To this end, this release now offers support for certificate lifecycle operations for certificates with Elliptic Curve Cryptography (ECC) based keys. Devices using ECC based keys require less storage, less power, less memory, and less bandwidth than other systems. Now you can implement cryptography in the devices you manufacture (even if they are constrained): wireless devices, handheld computers, smart cards, and thin-clients. Smaller sized ECC keys are equivalent to large sized RSA Keys— something that will be important as stronger security systems become mandated and devices get smaller. It also provides a big win in situations where efficiency is important. The release notes provide a complete list of the supported ECC and DSA signing and encryption algorithms.
Support Additional Certificate Formats
WiMAX and DOCSIS certificate formats previously supported only in the legacy Managed PKI Service are now available in 8.8. WiMAX certificates are used to identify and authenticate the identity of devices and servers in a WiMAX network. DOCSIS certificates are used to secure cable modems. WiMAX and DOCSIS certificates provide data confidentiality, content integrity, and hardware and software authentication.
General User Interface Enhancements
With each successive release Managed PKI continues to improve ease of use. General user interface enhancements in this release include: an improved dashboard that reflects seat usages for different seat types, for a smoother and improved administrator experience; and user interface enhancements for the RA certificate enrollment page.
Platform and OS Requirements
The following are platform and OS requirements for Managed PKI 8.8.
PKI Manager |
|
PKI Certificate Service |
|
PKI Client |
|
PKI Enterprise Gateway |
|
See the product release notes for complete details including all version numbers.
Technical Support:
We value your business and are committed to customer care. Please contact us if we can assist or answer any questions. Symantec Support can be reached via email at: enterprise_pkisupport@symantec.com or by phone at +1-650-426-3535 or 1-800-579-2848.
Disclaimer: Any information regarding pre-release Symantec offerings, future updates or other planned modifications is subject to ongoing evaluation by Symantec and therefore subject to change. This information is provided without warranty of any kind, express or implied. Customers who purchase Symantec offerings should make their purchase decision based upon features that are currently available.
- Support for heterogeneous environments
- New platforms and browsers (IE 10 on Windows 8 platforms; PKI Client support for Windows Vista 64-bit)
- Automate the enrollment process for MAC environments