Keep PKI components ready when needed – as in all the time
The integrity and availability of your PKI environment can have a dramatic effect on the security of your enterprise. Components like certification authorities (CA), OCSP and CRL distribution points need to be available around the clock. But installing a second CA will do very little to provide fault tolerance in most environments. We specialize in designing and deploying highly available solutions, including Microsoft Windows failover clusters. In fact, we wrote the whitepaper on the subject for Microsoft.
Clustered solutions will ensure your PKI components are available when your computers need them. Allowing a CA to go offline could prevent clients from enrolling and renewing certificates. It could also result in expired CRL files which will cause clients to stop being able to use certificates. OCSP and CES/CEP servers also have the potential to impact your environment if not carefully designed and deployed in fault-tolerant solutions.
We can work with you to scale your recovery needs from simple software changes for recoverability, designing virtual machine recovery options (Microsoft Live Migration or VMWare VMotion) or implementing a full Windows failover cluster for your PKI needs.
Whether your needs are for PKI site-aware Windows clients, highly-available servers or designing and using geo-dispersed clusters for the highest availability possible, we are the experts to make it happen.