Tumbleweed Validation Authority
the most widely deployed validator of digital
certificates
Banks,
governments, and businesses worldwide rely on their
Public Key Infrastructure (PKI) and digital certificates
to secure everything from corporate network access to
multi-million dollar electronic transactions to physical
access of military facilities. Trusting an invalid
certificate can expose an organization to potential
fraud, theft, and compromise. Organizations rely on the
Tumbleweed Validation Authority™ Suite,
the leading identity validation solution, to protect the
integrity of their PKI. Digital certificate validation
enables organizations to maximize their return on
investment by ensuring their PKI safeguards all their
secure applications.
PKI enabled systems depend on digital certificates,
electronic credentials issued by a certificate authority
(CA), to establish identity and trust. However, digital
certificates alone are not enough to ensure the
integrity of PKI solutions. Electronic credentials, like
passports, credit cards, security badges, and other
physical credentials, can become expired, revoked, or
otherwise invalid over time. Similar to point of sale
credit card authorizations, digital certificate status
must be validated whenever the certificate is to be
trusted.
The Tumbleweed Validation Authority (VA) offers a
comprehensive, scalable, and reliable framework for
real-time validation of digital certificates. VA is a
proven, fourth-generation solution that has been
deployed by hundreds of customers worldwide for over six
years, including the US Department of Defense and all
branches of the US military, US Department of Homeland
Security and US intelligence communities, as well as top
financial institutions globally.
The VA is CA neutral and
supports numerous well accepted international security
standards and open technologies. VA is certified FIPS
140-1, DOD JITC, Identrus, and Common Criteria
compliant, and is part of the Identrus, SWIFT Trust Act,
BACS and Global Trust Authority financial trust
infrastructures. The VA interoperates with cryptographic
hardware, including FIPS 140-2 Level 3 and 4 devices as
well as smart cards such as DOD Common Access Card.
The VA suite consists of
several products that provide a flexible,
cost-effective, and robust solution ideally suited to a
wide range of client applications in diverse operating
environments.
Tumbleweed Valicert Validation Authority (VA Server)
A high-performance
multi-platform server that processes client digital
certificate status queries using a number of different
protocols including OCSP, SCVP, and VACRL. The VA Server
offers numerous advanced features including support for
multiple CAs, various validation trust models,
CA-specific validation policies, VA-to-VA mirroring
(replication) of CA and VA manufactured CRLs and delta-CRLs,
distributed Repeater-Responder caching of pre-computed
and dynamic OCSP responses. The VA Server provides
robust non-repudiation features including digitally
signed responses, digitally signed logs, and CRL
archive. The VA Server also provides superior
operational capabilities through the support of FIPS
140-2 Level 3 and Level 4 compliant cryptographic
hardware, as well as robust monitoring, administration,
and auditing.
Server
Validator
A flexible client
application for enabling digital certificate validation
in the most widely used secure Web servers and Web
application servers available on UNIX, Windows, and
Apple platforms including Microsoft ISA, Apache, Oracle
Application Server, Red Hat Strong Hold, BEA WebLogic,
and IBM Lotus Domino, with support for automatic
configuration and fail-over support through the use of
multiple validation mechanisms.
Desktop
Validator, Standard and Enterprise
Flexible client solutions
for enabling Microsoft Windows based desktop and server
applications respectively to validate digital
certificates via the Microsoft Cryptographic API (CAPI),
including support for FIPS 140-2 Level 2 smart cards
such as DOD Common Access Card, flexible default and CA
specific validation rules, robust fail-over mechanism
with multiple revocation data sources, remote management
via Microsoft SMS, CA Unicenter, and Microsoft Active
Directory. DV can also be automatically configured via
the VA Server for ease of large-scale deployment.
Validator Toolkit
A complete set of
certificate validation functions, source code examples
and reference manuals that enables certificate
validation integration into third party or custom
applications developed in C/C++ or Java such as network
and hand-held devices, physical security systems, and
custom PKI-enabled workflow applications.
Repeater
Appliance and Repeater Servlet
Lightweight solutions for
deploying a high-scale, high-availability digital
certificate infrastructure based on an OCSP response
cache that can be pre-computed or dynamically generated.
These solutions do not contain any sensitive
cryptographic materials (since cached OCSP responses are
generated by a VA Responder Server) and can easily
reside in a different administrative domain than the VA
Responder Server, making them ideal solutions for
distributed computing environments or hosted application
environments
For more
information about Tumbleweed products contact
Information Gateways on +61 2 9496 9496 or email
info@ig.com.au |
