“PKI Proposal”: why do you need an internal PKI?

One of the things that any IT pro should understand and spend time doing is securing his infrastructure and applications. Nowadays, everything you do in your infrastructure, or with any new Microsoft solution, depends heavily on digital certificates to authenticate, sign or encrypt things.

I guess investing in an internal PKI infrastructure is a must in all corporations and networks. If you want to have SSL, TLS, BitLocker DRA, IPsec, PEAP, EAP-TLS, 802.1x authentication, code signing, driver signing, EFS, or even S/MIME, you will have to use some sort of digital certificates.

Moreover, every Microsoft product being released requires and depends on digital certificates. Take Exchange or Lync, for example.

Not only this: if you want to integrate with third-party solutions, you would need some kind of certificate to authenticate the transaction. I came across a Polycom device that needs a certificate to talk to Lync servers. This makes sense, because you need a way to establish a trusted channel before forwarding your traffic between two different devices or applications.

I have written a small PKI proposal explaining why a corporation needs to consider an internal PKI solution, and what the cost of not having one is.

You can find the document here: http://sdrv.ms/InAJvc
