Are you aware of every certificate used in your enterprise?
Discover unknown certificates and keys across heterogeneous environments for anenhanced security posture
AppViewX’s smart discovery can help you perform a certificate discovery by two modes – Unauthenticated and Authenticated. In an Unauthenticated discovery, you can use an IP range, a subnet or an URL to identify the certificates available. But, to get a deeper understanding into each certificate and its various associations, the authenticated discovery scans each device securely (load balancer, firewall, web server, cloud or CA) to create an accurate picture of your certificate infrastructure. This discovery process can be customized with total pause-resume control to optimize network utilization. Post discovery, the certificates are processed using our rule engine to filter certificates that are most important to you.
Not every certificate that is identified during a discovery needs to be managed individually. Certificates can be grouped based on your specific business use-case and necessary access restrictions can be applied before delegating it to your teams. These certificate groups can also be governed by policies that cover authorized CSR parameters and private key attributes. Each group follows a business workflow and any certificate-related issue can be remediated immediately through a well-defined escalation matrix.
Post discovery, each certificate that is transferred to the built-in inventory has two modes of management – Monitored and Managed. The Monitored mode allows you to just monitor the status of a certificate, its various locations, expiration date and compliance. As the inventory is updated dynamically, continuous monitoring helps you flag any changes that affect a particular certificate-device association. Multiple users can be notified of a certificate-related issue at the same time. But a user will only be able to remediate an issue using the platform when the certificate is in Managed mode. In case of a certificate expiry, you can auto-renew certificates and also choose to provision it on to the end-devices automatically.
Our holistic view is a patented, graphical representation of a single certificate, its various device associations and chain of trust. Any certificate lifecycle related activity such as renewal, revocation, download and provisioning can be performed from the same screen with necessary business workflows. The certificate chain of trust representation within the holistic view helps you validate your root and intermediate certificates for compliance. The view also has proper legends to quickly identify the connection status to each device and its association with a certificate’s key.
"AppViewX significantly decreased our operational outages due to certificate expiry."
"...We saved 90% time on operations, it really ended up delighting our end users, they’re surprised at how easy it is to request certificates"
Xcel Energy, USA