MTG Certificate Lifecycle Manager optimizes all certificate-related processes for the entire certificate lifecycle. Issue, renewal and revocation processes can all be centrally automated, managed and controlled for various use-cases.
Automation in Certificate Lifecycle Management
Automation of Certificate Lifecycle Management is essential when dealing with large and complex, multivendor certificate environments for use cases such as IoT, server, clients and mobile.
Certificate Discovery - Full Transparency!
The Certificate Discovery function enables a systematic scanning for unknown certificates. Thanks to network-based sensors and agents all company public and private TLS/SSL certificates are identified and added to the certificate inventory. Dangerous outages due to expired certificates or expensive manual handling is consequently avoided.
Complete and Cost-effective Employee Onboarding!
All required certificates can be issued in a systematic and complete procedure. A structured setup of authorizations ensures workflows in line with compliance guidelines.
Automated Digital Certificate Provisioning for Server!
Automated seamless provisioning of digital certificates prevents server downtime and resulting costs and damages. It ensures the availability of internal services, production or the accessibility of corporate websites.
Quick and easy provision of digital certificates for networked devices
Networked office hardware (e.g., printers) and other smart devices (e.g., cameras) are major potential entry points for hacker attacks. However, protecting them with certificates is a heterogeneous and complex process that is therefore often not carried out. Fast and easy provisioning is thus an important function of the MTG Key Lifecycle Manager.
The MTG CLM architecture is part of the overall MTG ERS ® system. This means that the system can be expanded with further important security components whenever required. This includes the :
- MTG Certificate Authority,
- the MTG Enterprise Key Management System
- and the appropriate Hardware Security Modules.
The targeted entities (servers, clients, IoT devices...) can be optimally accessed and managed via standard or MTG-specific automation clients.
MTG CLM supports a wide range of internal and publicly trusted CAs: e.g., Microsoft CA, LetsEncrypt, Deutsche Telekom (etc.). Security manager are thus relieved of the exhausting task of accessing each CA individually in order to gain insight and control over each certificate.
MTG Certificate Lifecycle Manager offers a comprehensive set of features that provide all the tools needed to implement certificate-based use cases quickly and effectively.
Detailed Monitoring & Reporting!
Always track the status of your certificates and avoid surprises! MTG CLM provides a comprehensive notification system about certificate status changes. Users are informed in time and several times before certificates expire. Punctual and seamless renewal is thus ensured at any time.
Create & support multiple business domains
The MTG CLM allows an individual organization of access rights for digital certificates.
Certificate Policy Enforcement - Complete and Failure-free Generation of Certificates!
The Policy Enforcement Form contains a comprehensive collection of rules that are required for the configuration of different certificates. This ensures that entries are complete, error-free, and compliant. Individual policies can be created for emails, servers, networked hardware or mobile devices.
Preconfigured policies are provided for common use cases!
Access Control & Compliance!
The role and rights management can be managed centrally and offers detailed options for the settings of certificates and certificate holders.
Configuration options are possible on several levels (per user, realm & policy).
Central Identity Management with Keycloak!
Keycloak allows to flexibly use different authentication protocols for all MTG ERS® applications (CLM, PKI, KMS) via a central sign-in and sign-out function.