Mastering challenges before they become a problem: essendi xc is your business solution for proactively ensuring security. The protection of data and data streams as well as the implementation of laws and internal company guidelines are of great importance. Any security breaches can not only result in financial losses for your company, but can also damage your reputation and make a carefully developed corporate strategy absurd. With the help of essendi xc, you can act proactively. This allows you to keep the growing number of certificates under control. With essendi xc you create security - simply smart.
The situation
The ongoing digitalization of business models and processes is presenting companies with ever greater challenges, particularly in terms of IT security. The protection of data and data streams as well as the implementation of laws and internal company guidelines are becoming increasingly important. This is required not only by internal company guidelines, but also by legal requirements.
Digitalization is part of our lives and challenges us anew every day. Users and end customers are increasingly communicating their need for security and transparency. Any security gaps can not only result in financial losses for your company, but can also damage your reputation. In this context, X.509 certificates already play an important role in almost every IT organization and will continue to do so in the future. X.509 certificates guarantee secure data traffic for internal and external communication.
Legal requirements have risen sharply.
The requirements for digital certificates and accompanying processes have increased significantly due to various legal requirements. Keywords such as GDPR, EIDAS conformity, trustworthiness in browsers in accordance with the specifications of the CA Browser Forum, audit security, etc. should be mentioned here.
The number of certificates in companies is increasing rapidly. In order to maintain an overview, a complete inventory with an overview of the inventory is necessary.
At the same time, the validity periods of certificates are constantly becoming shorter and the system environments in which they are used are becoming increasingly complex. Unplanned expiry of certificates leads to operational disruptions, financial damage and possibly loss of reputation. If, for example, a website or server is no longer accessible, damage in the 6-digit euro range is quickly incurred. Changing certificates manually is time-consuming: From recognizing the expired password and issuing a new certificate to the actual replacement in the system, valuable time is lost.
Dealing with certificates is not an everyday task and requires special know-how. System-guided support along the certificate processes improves workflows and reduces sources of error when handling certificates.
essendi xc The certificate manager
The essendi xc certificate manager was developed to solve these challenges. With essendi xc, the management of certificates can be standardized, centralized and optimized. essendi xc offers the possibility to manage all digital certificates (SSL X.509) company-wide. With the help of essendi xc, users and administrators can request, approve, renew or issue certificates centrally via a self-service portal. essendi xc offers smart solutions for the distribution of certificates to (remote) target systems: Routes via ACME, e-mail, SCP, SCEP and Powershell Remoting as well as distribution via our xc agents are possible. Templates and profiles specified by configuration ensure compliance with internal conventions and rules for certificates. This relieves the burden on PKI admins, reduces process costs and makes certificate-related processes simpler and more secure.
Interfaces to internal and public certification authorities (trust centers) enable the automated issuance of certificates. essendi xc is multi-CA-capable and therefore guarantees independence from public certificate providers.
Uniform, centralized and process-oriented certificate management
In addition, a central, company-wide repository is provided that creates transparency and order across an organization’s existing certificate portfolio and enables a wide range of evaluation, controlling and management options. Individually configurable management reports can be created based on this.
In order to identify expiring certificates, monitoring is essential for timely warning of the expiry of certificates with several escalation levels. The database also provides the basis for targeted risk management of the certificate portfolio, e.g. with regard to critical key lengths or algorithms.
A comprehensive rights and roles concept enables the application to be flexibly adapted to the customer’s organizational structure. User administration can be connected to LDAP or AD services.
The operation of essendi xc is intuitive and meets the requirements for the design of modern user interfaces. Lean processes and an appealing design enable every user to quickly get started with the tool. A modern dashboard provides an immediate overview of the existing certificate portfolio. The application is available in German and English.
In order to ensure a very high level of protection for your key material and/or to protect HSMs (hardware security mod
The functions and features of essendi xc at a glance
A central dashboard for an overview and control of your certificate portfolio. This allows you to keep track of your certificates and all important (management) information on expiration dates, installation location, etc. at all times.
In addition, a central, company-wide repository is provided, which creates transparency and order across the organization’s existing certificate inventory and enables a wide range of evaluation, controlling and management options.
Extensive alert functions prevent certificates from expiring unintentionally. A sophisticated alert process informs your responsible employees and reminds them in good time to renew their certificates.
As a central process hub, essendi xc covers your entire certificate life cycle. From application to distribution and renewal – all in one system. Simply smart.
Compatibility with self-signed and third-party certificates as well as multi-CA capability for certification authorities reduces your workload and time expenditure. A large number of public and private certification authorities are already connected. Examples include D-Trust, DigiCert, SwissSign and the Microsoft PKI. The integration of further certification authorities is possible.
essendi xc offers smart solutions for the distribution of certificates to (remote) target systems: For example, we support ACME, e-mail, SCP, SCEP and powershell remoting as well as fully automated distribution via our xc agents.
Predefined certificate profiles help applicants to apply for certificates. The prepared configuration of the required certificate types and other attributes maps your internal specifications and prevents certificates from being issued incorrectly by mistake. This results in the standardization of your certificate process and the time-saving implementation of compliance requirements. Numerous settings allow you to further automate the certificate process and adapt it to your needs.
User management and role-based access control allow you to define roles and the associated application processes individually for you. Users can be connected via LDAP and AD services.
If a very high level of protection is required for the safekeeping of key material and/or HSMs are already in use in the SSL environment, HSMs can be easily integrated into essendi xc. Interfaces to well-known providers are already provided within essendi xc. HSMs have many advantages, in particular the very secure storage of private keys, which are generated in the HSM and do not have to leave it.
A network scan is used to quickly and easily detect all certificates in your company and import them into the certificate repository.
No two situations or system environments are the same. This is why essendi xc has been designed to be highly configurable. Comprehensive configuration and administration options ensure precise integration into your infrastructure and processes.
Extensive management reports, evaluations and other reports can be flexibly generated on the basis of the central repository. E.g. certificate inventory by type, by certification authority, seasonal trends, risk management, etc.
If there are other individual requirements, such as functional extensions, we will be happy to implement these according to your wishes.
100% European complete solution for your certificate life cycle. essendi xc is 100% developed in Germany. This is certified by our “IT Security Made in Germany” seal. We offer you German-speaking contact persons and German-speaking support.