GlobalSign News & Events

21 August 2013

GlobalSign Auto Enrollment Gateway (AEG) Provides Automated Certificate Lifecycle Management for Microsoft Active Directory, Allowing Enterprises to Reduce Risk of Data Breaches and System Outages

AEG Leverages GlobalSign SaaS Certificate Authority to Strengthen Security Through Certificate Based Two Factor Authentication and Advanced SSL.

Boston, MA - August 21 2013 - GlobalSign (, the enterprise SaaS Certificate Authority (CA), today announced availability of the GlobalSign Auto Enrollment Gateway (AEG). AEG integrates with Windows Active Directory, allowing enterprises to automate the enrollment, provisioning and management of GlobalSign digital certificates for Windows environments. By replacing their internal CAs with GlobalSign’s proven services, enterprises strengthen security and reduce costs by adding certificate-based solutions such as two-factor authentication and advanced SSL without having to manage their own highly complex and costly internal CA. Because GlobalSign SaaS certificate services provide the latest best practices and highest standards in certificate technology, enterprises using them reduce their risk of falling victim to attacks that take advantage of weak and mismanaged certificates. Eliminating the need to manage a resource-intensive internal CA reduces the total cost of ownership of the public key infrastructure (PKI) as well as the risk of system outages that stall business activities.

As noted in research published by Aberdeen Group, a Harte-Hanks Company, certificates have been increasingly targeted by attackers, who are successfully exploiting known vulnerabilities such as untrusted self-signed certificates, certificates configured for weak encryption and unwieldy certificate revocation mechanisms. In addition, attackers have successfully pulled off more sophisticated exploits such as fraudulently issuing certificates from trusted third-party authorities and forging certificates that are relied upon for code-signing.

"Most enterprises are not proactively managing the risks associated with these attacks and are unprepared to respond quickly to a compromise," said Derek E. Brink, vice president and research fellow for IT Security at Aberdeen Group. "By allowing enterprises to place the operational aspects of managing certificates into the hands of experts, while retaining enterprise control over group policies managed in Active Directory, GlobalSign is aiming to accommodate future growth in the use of certificates while addressing the practical issues of security and trust in an efficient, cost-effective deployment model."

The GlobalSign AEG provides multiple security and cost-savings benefits as well as enhanced risk mitigation. Seamless integration with Microsoft AD allows enterprises to automate PKI management as well as certificate provisioning and deployment across Windows-based networks, a capability that strengthens PKIs, establishes internal and external trusted communications, and reduces costs.

The solution offers a number of business benefits:

  • Risk mitigation: Certificate management by a public trusted CA protects against vulnerabilities and threats.

  • Compliance: Proper management ensures that certificates remain valid and do not cause the enterprise to become noncompliant.

  • Cost savings: GlobalSign AEG cuts costs by putting management in the hands of PKI experts, removing the need for resources to manage PKI and preventing breaches that could be devastating to businesses, causing brand damage and loss in revenue.

  • Enhanced productivity: Proper PKI management ensures continued uptime, eliminates the interruption of mission-critical operations due to invalid certificates and offers employees remote, secure access to company networks.

Additional features and benefits include:

  • Easily deployed Public Key Operation (PKO) solutions: AEG supports a wide range of use cases that require strong two-factor authentication, from client authentication of remote workforces accessing the network through VPNs and WiFi to privileged access of highly sensitive resources and systems via smart-card authentication.

  • Scalability: Organizations can easily scale to higher-volume deployments to accommodate growth.

  • AD integration: AEG provides seamless, often transparent, certificate life-cycle management, avoiding disruptions and security concerns through immediate detection and replacement of expired certificates.

  • SaaS CA: AEG eliminates need for internal CAs, e.g. Microsoft CA, thus reducing management costs and complexity as well as overall PKI TCO.

  • Strongest available certificates: 2048-bit encryption ensures protection against even the most advanced certificate- and PKI-based attacks.

  • Automated PKI management: This liberates IT to focus on core competencies and business-driving IT projects.

"PKI is under attack, and digital certificates have become a common threat vector employed by cybercriminals. However, that doesn’t change the fact that when deployed, managed and used effectively, digital certificates provide the most proven means of defense for enterprise networks," said Lila Kee, GlobalSign chief product and marketing officer. "The AEG allows organizations not only to eliminate costly management burdens but also to get full value and maximum security out of their AD investments."

For more information on GlobalSign’s Auto Enrollment Gateway visit:

About GMO GlobalSign

GlobalSign, founded in 1996, is a provider of identity services for the Internet of Everything (IoE), mediating trust to enable safe commerce, communications, content delivery and community interactions for billions of online transactions occurring around the world at every moment.  Its identity and access management portfolio, acquired from Ubisecure in September 2014, includes access control, single sign-on (SSO), federation and delegation services to help organizations and service providers create new business models for customer and partner interactions.  The former Ubisecure operation is now the GlobalSign Center of Excellence for IAM, located in Helsinki, Finland. GlobalSign’s solutions are designed to address the massive scalability demanded by the emerging $14.4 trillion IoE market, where the ability to make secure networked connections among people, processes, data and things, will require that every “thing” have a trusted identity that can be managed.  The company has offices in the U.S., Europe and throughout Asia.  For the latest news on GlobalSign, visit or follow GlobalSign on Twitter (@globalsign ).

About GMO Cloud KK

GMO Cloud K.K. (TSE: 3788) is a full-service IT infrastructure provider focused on cloud solutions. Established as a hosting company in 1996, the company has managed servers for more than 130,000 businesses and now has 6,500 sales partners throughout Japan. In February of 2011, the company launched GMO Cloud to enhance its focus on cloud-based solutions. Since 2007, the company has also grown its GlobalSign SSL security brand through offices in Belgium, U.K., U.S., China and Singapore. For more information please visit .

GMO Internet Group

GMO Internet Group is an Internet services industry leader, developing and operating Japan’s most widely used domain, hosting & cloud, ecommerce, security, and payment solutions. The Group also comprises the world’s largest online FX trading platform, as well as online advertising, Internet media, and mobile entertainment products. GMO Internet, Inc. (TSE: 9449) is headquartered in Tokyo, Japan. For more information please visit

Share this article

Back to GlobalSign Newsroom

Media Relations

For further information on GlobalSign press releases,
events or for media enquires please contact:

Janine Marchi
Communications Manager
Call: 603-570-7060