GlobalSign Blog

Answering Your Active Directory Integration Questions

Answering Your Active Directory Integration Questions

I recently hosted a webinar on certificate-based authentication for users, machines, and devices. I talked about the need for stronger authentication methods and why certificates are a great option and ended with an example deployment scenario using an Active Directory (AD) integration. Several people had questions about the integration and I didn't have a chance to cover them all during the broadcast, so I thought I'd answer some of them here.

How does an AD Integration work and why would I use one?

Our AD integration, the Auto Enrollment Gateway , is a software service that acts as a connector between our SaaS certificate services and an organization's Windows environment. In a nutshell, it basically takes the place of running an on-premise Certificate Authority (e.g., Microsoft CA). Administrators dictate which users and machines are allowed which types of certificates using AD Group Policies, but instead of requesting the certificates from an internal CA, the requests are sent to GlobalSign. This way you get all the benefits of Microsoft Certificate Services (e.g., auto enrollment, silent installs) without the need to manage a CA internally.

How can certificates be deployed to external users not part of the Active Directory network?

External users who are not part of the AD network could still leverage the CEP/CES services that AEG is based upon to enroll certificates. CES, specifically, is a web service that allows users and computers to perform certificate enrollment by using the HTTPS protocol. Alternatively, AEG also supports a manual enrollment portal where clients can request certificates through a web-based enrollment.

Other questions addressed during the live webinar:

  • Can the certificates be installed on USB tokens?
  • What kind of devices are supported?
  • Is this type of solution cost-effective for a network of 150 users?
  • Will the solution work with Cisco ASA 5500?
  • Can you use the solution to authenticate to web applications?

Get the answers and learn more about why you should adopt stronger means of authentication, the benefits of using a certificate-based solution, and your deployment options by watching the full webinar . If you have any other questions about our Active Directory integration, or about certificate-based authentication in general, shoot us an email or let us know in the comments!

Cert based authentication

Share this Post

Recent Blogs

  • Cybersecurity News Round-Up: Week of August 15, 2022

    Aug 19, 2022

    Oops! Cyber criminals hack the wrong water company, how a teenager RickRolled his high school district, Janet Jackson music video declared a security vulnerability

  • Resolving the Conflict Between Availability and Security in IT

    Aug 18, 2022

    Operations teams have availability as a priority, whereas security teams are solely focused on creating a secure environment. As a result, there is often conflict between operations and security. Explore how to resolve the conflict.

  • 10 Tips for Hiring and Retaining IT Employees

    Aug 17, 2022

    As the saying goes, "people are your most important asset." This is especially true in the field of information technology (IT), where a company's ability to hire and retain top talent can be the difference between success and failure. Here are 10 ways companies can hire and retain top IT talent.