Automate PKI Certificate Management - AEG

With Auto Enrollment Gateway (AEG) it's never been easier to enroll, provision, and install digital certificates – regardless of OS or platform

Sign up for a Demo

What is AEG?

Auto Enrollment Gateway (AEG) is an automated certificate management tool that acts as a direct gateway between Atlas, GlobalSign’s digital identity platform, and your Active Directory.

Between set-up costs, ongoing maintenance, training, and compliance, managing PKI is not something you can afford to get wrong. Auto Enrollment Gateway (AEG) gives you access to GlobalSign’s team of PKI experts to act as an extension of your team and through automation frees up your time for other tasks. So, if your company is using Active Directory to manage network users, devices and machines, AEG can manage your PKI – it’s that simple.

  • Simplify certificate management, automate manual processes
  • Close security gaps in remote and hybrid work environments
  • Address challenges with Bring Your Own Device (BYOD) and easily add new devices to your network
  • Archive, recover and roam digital keys to prevent data loss and reduce redundancy
  • Set policies and scripts to automate tedious certificate management tasks
  • Use multiple certificate template types (Email Security, Client, Signing, SSL/TLS)
  • Scheduled reporting allows for better visibility and control over organizations PKI

See how AEG works in this animated overview video.

Watch Video

Outsource PKI management to a trusted third party CA

Reduce total cost of ownership for PKI by as much as 50%

Support mixed environments, variety of use cases, public or private trust models

The Most Efficient Way to Automate, Protect, and Maintain Your Organization's Identities

GlobalSign's Auto Enrollment Gateway (AEG) is a scalable managed PKI solution designed for enterprise environments utilizing a mix of platforms and devices. The newest iteration of this valuable tool acts as a direct gateway between Atlas, GlobalSign’s next-generation cloud Certificate Authority, and your Active Directory - effectively extending its reach to every endpoint on your network.

The intuitive user interface and provisioning capabilities make it easy to centralize, automate, and control all certificate activity across an organization.

Protocol support expands deployment to endpoints outside your domain and adds public trust

  • SCEP server functionality for issuing certificates to mobile and networking devices and integrating with Microsoft Intune, JAMF and other MDMs
  • Automated issuance to any client application supporting ACME v2 such as Linux servers and DevOps tools

Capitalize on existing infrastructure and reduce IT overhead with GlobalSign SaaS CA

  • Automated enrollment provisioned through Group Policy
  • GlobalSign manages the security, high availability, and CA operations, ensuring you meet SLAs and compliance audits
  • Now IT can focus on core competencies, rather than cryptography and CA tasks

How AEG Works

Integration with Active Directory and support for SCEP and ACMEv2 protocols, provides quick, seamless certificate registration and provisioning, as well as key archival and recovery - without sacrificing control. Certificates can be issued from a dedicated private issuing CA hosted by GlobalSign and/or from GlobalSign’s public CA (for security applications that require public trust), all based on GlobalSign’s highly available and secure world-class infrastructure.


Pre-designed Certificate Templates Support a Range of Use Cases

The Auto Enrollment Gateway can be used to enroll and issue certificates to all types of Active Directory objects, including users, servers, desktops, laptops, and Domain Controllers. A wide range of pre-designed certificate templates support a variety of use cases, including:

Why Should I Work with a Trusted Third-Party CA for PKI? 

There are significant advantages to outsourcing to GlobalSign, a trusted third-party CA with over 25 years’ experience: 

  • Reduce total cost of ownership for PKI 
  • Ensure you meet SLAs and satisfy compliance audits 
  • Limit unnecessary risks involved with breaches, incidents and staff turnover 
  • Support existing organizational structures and workflows 
  • The ability to scale PKI so it grows with your organization 
  • Stay up-to-date with PKI best practices and regulatory requirements 

Why not book a complimentary PKI consultation with one of our experts to discuss your system, process and requirements and give you some practical advice on how to improve your PKI management? 
Book a Consultation

iStock-1385317066 (2).jpg

Request your Automated PKI Deployment Demo!

Automate PKI without running your own Microsoft CA, or replace existing resource-intensive implementations, and expand support throughout your mixed endpoint environment. Talk to GlobalSign today.

By requesting a demo, a GlobalSign Product Specialist will contact you.

  • Outsource PKI management to a trusted, third party CA
  • Reduce total cost of ownership by as much as 50%
  • Support mixed environments, variety of use cases, public or private trust models

AEG Video


AEG Video