- Maximizing Certificate Services Implementations
- Securing Certificate Services
- Getting the Most Out of Smartcards
- Tips and Tricks for Securing Access to the Network
- Creating a Single Sign-on Environment
- Securing Access to Web Servers and Services
- Protecting Certificate-based Services from Disaster
- Integrating Smartcards with Personal Devices
Creating a Single Sign-on Environment
Allowing access to the network and system resources by entering a single username and password is the holy grail of the network administrator. Using certificate services and smartcard devices can make this goal a reality.
The new Active Directory credential manager provides a secure store for user's X.509 certificates when used in conjunction with Windows XP credential management, which has three components; credential prompting user interface, stored user names and passwords, and a keyring to store PKI certificates. Together these infrastructure components form a single sign-on solution.
If feasible, a company can standardize on Windows Server 2003 Active Directory. Consolidate LDAP directories. Active Directory can become the single repository for the company's users, machines, log-in credentials, and contact information.
Security requirements on applications can be quite numerous. Inventory the current applications and their business purposes and security requirements. After administrators take the inventory of all the applications in the company some can be absorbed into other applications. Many applications are reliant on their underlying file system structure for their security. By reducing the number of applications and securing fewer network shares you can more easily allow and track access to those applications.