BOSTON, MA--(Marketwired - Aug 25, 2015) - GlobalSign, a leading provider of identity services for commerce, communications, content and communities, today announced the launch of the latest version of its Active Directory integration, the Auto Enrollment Gateway (AEG). Originally launched in 2013, AEG is a software service that acts as a connector between GlobalSign's SaaS certificate services and an organization's Windows environment, simulating aspects of an on-premise Certificate Authority (e.g. Microsoft CA) while forwarding all certificate enrollment requests to GlobalSign. GlobalSign manages the security, high availability, and CA operations, while organizations retain control of users and policies.
AEG allows organizations to leverage Active Directory to automate the enrollment, provisioning, and management of digital certificates without the need to run an internal CA, a resource-intensive undertaking. Offloading the burden of CA management to a WebTrust-audited third party like GlobalSign lowers the total cost of ownership for public key infrastructure, and reduces the risk of expensive business interruptions due to system outages or key management failures.
The latest version of AEG builds on its existing success as a platform for automating deployments of certificates for secure email (S/MIME), user and machine authentication, and internal facing servers. New features and functionality include:
- SCEP server: Organizations can now issue certificates to non-domain-joined objects (e.g., routers, mobile devices, non-Windows machines) using the SCEP server functionalities. Enrollment can take place using the new manual enrollment website, which is an internally accessible website that will allow non AD-connected device owners to enroll for certificates individually. Alternatively, organizations using a Mobile Device Management (MDM) platform link directly to the SCEP server to issue certificates for their mobile devices. Issuing the certificates through AEG centralizes certificate activity across an organization to simplify monitoring and offer greater control.
- Key recovery and archival: During the certificate enrollment process, the private key is securely sent to a designated local server as part of the certificate request and is archived there. Using key archival and recovery is essential for S/MIME use cases, and helps protect encrypted data from permanent loss in the event that the original encryption key is no longer available. Private keys are never created or stored by GlobalSign.
- Expanded Windows Server support: AEG can now be installed on Windows Server 2008 R2 and 2012 R2.
- Enhanced lifecycle management capabilities: Additional certificate lifecycle functionality is now available directly from the AEG administrator panel (e.g., key recovery, archival, certificate revocation).
- Multiple company profiles: Several profiles can now be managed via one AEG account, ideal for organizations with separate department or sub-group certificate needs.
"I'm very excited about our latest AEG release. The number of connected devices in the modern enterprise continues to grow, and it's unlikely that every device will be part of Active Directory," said Lila Kee, Chief Product Officer, GlobalSign. "Expanding AEG to non-domain devices gives administrators an easy way to enable certificate-based solutions, such as client and machine authentication, S/MIME, or SSL, on mobile devices, routers, non-Windows machines, and more, all from the same portal they're using for their domain objects."
AEG is available directly or via GlobalSign's growing network of System Integrators. For more information about GlobalSign's Auto Enrollment Gateway, please visit https://www.globalsign.com/en/auto-enrollment-gateway/.
For more information on becoming a GlobalSign's System Integrator, please visit https://www.globalsign.com/en/partners/var-partners/.
About GMO GlobalSign
GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery, and community interactions for billions of online transactions occurring around the world at every moment. Its identity and access management portfolio, acquired from Ubisecure in September 2014, includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions. The former Ubisecure operation is now the GlobalSign Center of Excellence for IAM, located in Helsinki, Finland. GlobalSign's solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every "thing" have a trusted identity that can be managed. The company has offices in the U.S., Europe and throughout Asia. For the latest news on GlobalSign, visit www.globalsign.com or follow GlobalSign on Twitter (@globalsign).
About GMO Cloud KK
GMO Cloud K.K. (
GMO Internet Group
GMO Internet Group is an Internet services industry leader, developing and operating Japan's most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also comprises the world's largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (