Indeed CM Indeed Certificate Manager

Indeed Certificate Manager (formerly Indeed Card Manager) is a system for centralized lifecycle management and control of digital certificates, tokens and smart cards.

2024: Indeed Certificate Manager 7.0 with the ability to install on a server under Windows and Linux

Indid On June 20, 2024, the company announced the release of an updated version of the product for managing the public key infrastructure - Indeed Certificate Manager (Indeed CM). The solution can now be installed on server both OS and OS Windows OS. Linux

source = Indeed

Among the added functionality of version 7.0 of the Indeed CM system are the service of internal electronic document management, improved logging of funds accounting (cryptographic information protection CIPF), advanced capabilities for managing key media using the Indeed CM Agent and other updates.

Thanks to these innovations, organizations can effectively manage the lifecycle of key media and digital certificates, as well as significantly increase the level of information security.

Our customers appreciate the reliability and functionality of Indeed CM and version 7.0 continues this tradition. New functions, such as internal document management service, improved CIPF logging and Linux support, will help our clients optimize processes and significantly increase the efficiency of managing the public key infrastructure (PKI), - said Andrey Laptev, Head of the Product Office (CPO) of Indid.

2018

Indeed Certificate Manager 5.1

On November 27, 2018, Indeed announced that it had prepared an update for the Indexed Certificate Manager smart card and digital certificate management system. According to the company, it combined both the further development of fine-tuning tools for the system itself, and expanded the possibilities of integration with the products of Microsoft (Active Directory) and CryptoPro.

The role model allows you to personalize the set of privileges for each administrator and operator for each device usage policy.

Privilege

Roles can be global (role composition is defined for all policies) and local (role composition is defined for each policy separately). The internal organizational structure of the Indeed CM system is used to combine users who are in different OUs within the Active Directory or CryptoPro CA 2.0 directory under the same policy.

Local role

The screenshot shows an example when users of the OU "MSK Office," the group "Cert Publishers" and personally Evgeny Belov from the Active Directory directory are combined within the framework of one device use policy that acts on the org object. of the "Child node 1.1" structure.

Child node 1.1

Added integration with CryptoPro DSS with the following features:

• Creating a CryptoPro DSS user
• Issuing certificates
• Set user password CryptoPro DSS

Reset Active Directory user password

Reset password

After expiration, the domain password will be reset to a random value using Indeed CM and for users the only way to authenticate will be a smart card with key information.

The configuration of messages displayed to the user during client agent operations has been migrated to device usage policies.

Setting up messages

Other changes included in the release:

• Restricting the issuance of a certificate for a specific media type under a device usage policy;
• Search for devices by device usage policy;
• Ability to change policy assignment properties (container, group, priority);
• The ability to initialize the card at the time of its withdrawal.

Tasks to be solved

As of October 2018, the centralized lifecycle management system of the Indeed Card Manager (Indeed Card Management) key media allows you to solve the following problems:

• Key media lifecycle management
• Accounting of CIPF used in the enterprise
• Logging and auditing actions of administrators and key media users
• Automate user certificate management processes
• Backing up key information
• Provide employees with a self-service mechanism to quickly solve the main tasks of using key media

Indeed Card Management Release 4.8

More than one month has passed since the last publication about Indeed Card Management, but all this time work on the smart card lifecycle management system has not stopped. And now we will briefly talk about all the significant changes.

As of March 2018, the following features were implemented in the system:

• Support for all modern browsers: Mozilla Firefox, Google Chrome, Microsoft Edge, Internet Explorer 10 and 11. All of the listed browsers support the entire set of key media operations.
• It is now possible to fine-tune access rights to the system through the emergence of administrators and operators of individual policies.
• Support for publishing certificates to the CFT application database.
• Certificate tracking now supports certificates issued on the ViPNet CA Certification Center.
• Added optional feature for shared certificates (pfx).
• The ability to simultaneously work with different types of user directories: Active Directory and CryptoPro CA 2.0.
• The ability to filter maps in the repository by expiring certificates.
• Sending a user comment as part of a certificate request for CryptoPro CA 2.0.
• Initialization of devices when outputting from the Indeed CM system.

2017

Integration with Solar inRights and Indeed Enterprise SSO

On August 9, Solar Security and Indeed Identity announced the development of a joint integration solution that combines the capabilities of the Solar inRights IGA platform (Identity Governance and Administration), the Indeed Enterprise SSO single sign-on system and the Indeed Card Management public key infrastructure management system. The solution improves information security and saves human resources in the company by automating processes related to granting access rights and managing the user password lifecycle. You can read more about the event here.

Integration with Crypto-PRO DSS

On March 31, 2017, Indid and CryptoPro announced the integration of CryptoPro DSS and the PKI Indeed Card Management system.

After integrating products, creating, updating and destroying keys and cloud electronic signature certificates based on CryptoPro DSS can be performed from Indeed CM^[1].

The integration of the two systems allows you to create a single key management point for all types of electronic signatures: a traditional version with key media and a modern cloud implementation.

Using Indeed Card Management to issue EP certificates allows centralized control over the use of EP keys. Certificates are issued based on pre-configured policies, and the system notifies users and administrators of actions that affect the certificate lifecycle. If necessary, users can turn on the self-service service, where they can independently issue or request the required certificates.

CryptoPro DSS allows you to solve traditional problems of hardware key media, such as logistics organization and use control. Integration with Indeed CM improves the efficiency of the implementation and use of cloud electronic signature in corporate systems by automating the processes of managing EP keys, and, if necessary, allows a smooth transition from the use of individual key media to CryptoPro DSS. Igor Kurepkin, Deputy General Director of CryptoPro

CryptoPro DSS implements an extremely popular electronic signature model as of March 31, 2017 - cloud. The use of cloud technologies allows businesses to work more efficiently, not only increasing the usability of complex technologies, but also saving IT budgets on routine tasks. Integration with CryptoPro DSS technologies makes Indeed CM a universal central system for managing and monitoring the use of digital certificates. Alexey Baranov, CEO of Indid

2016: Indeed Card Management Release 3.4

In May 2016, Indeed announced the release of a version of the centralized lifecycle management system for key media Indeed Card Management 3.4, which, among others, included changes relevant to companies at the stage of large-scale implementation of the PKI infrastructure.

In particular, this version implements the ability to batch release smart cards together with the EDIsecure XID 8300 smart card printer. It is enough for the system administrator to determine the group of users who need to issue cards, place the required number of cards in the printer tray and start the mass release process, as a result of which users will receive fully ready-to-use smart cards containing the necessary key data and personal information of employees: full name, position, department, photo, etc.

Expanded integration with PAC "CryptoPro UC 1.5" and PAC "CryptoPro UC 2.0." The new user is now automatically logged into the CA directory, and the Indeed CM user account is automatically linked to an existing account in the CA directory.

The scenario of adding user attributes such as SNILS, TIN, OGRN, etc., is supplemented by the ability to establish the correspondence of Active Directory user attributes with CryptoPro CA attributes.

The process of interacting with the Indeed CM user directory has been extended by the function of automatically turning off smart cards for users whose accounts have been suspended for some reason by the Active Directory administrator.

To integrate with IDM (Identity Management System) systems, this version of the system has added a Web API that allows you to receive information on user maps and perform a number of operations with them: enable, disable, pre-update, recall maps, etc.

For the convenience of configuring system parameters, a new tool "Indexed CM Configuration Wizard" has been added to the distribution kit.

2015

Indeed Card Management Release 3.0

On June 2, 2015, Indeed announced the release of release 3.0 of the centralized lifecycle management system for key Indeed Card Management media.

In this version, the company implemented support for Rutoken EDS SC, Rutoken Lite SC, Kaztoken SC devices.

Rutoken EDS, 2014

The system provides the issue of cards with certificates issued by the CryptoPro CT Certification Center version 2.0. This makes it possible to use the system in infrastructures that do not use Active Directory domains.

In this version of the system, under one smart card policy, a different set of certificates can be issued. The decision to include "optional" certificates in the requested list is made by the system operator or user through the self-service service.

During release, the user's PIN can be changed by the system to random and sent to the user or his manager by e-mail via a secure connection, which excludes the possibility of using keys by third parties, including the system operator himself, issuing a smart card or USB token.

Additional features include automatic naming of smart cards and a USB token. Name rules are defined according to the specified policy.

Indeed Card Manager. Description

As of May 2015, Indeed Card Manager is a system for centralized life cycle management of key media (smart cards, tokens, etc.).

Modern companies are increasingly using electronic digital signature technologies, strict user authentication and data encryption. These technologies require employees to have personal media of key information: usb keys or smart cards. This gives rise to a new range of tasks for accounting and monitoring the use of such media.

Modern companies are increasingly using electronic digital signature technologies, strict user authentication and data encryption. These technologies require employees to have personal media of key information: usb keys or smart cards. This gives rise to a new range of tasks for accounting and monitoring the use of such media.

In the development of Indeed CM, advanced technologies and a focus on the tasks of system users are used. This allows you to provide all process participants with a convenient and effective mechanism for interacting with the system. Indeed CM Web Application has a modern, convenient and functional user interface that adapts to the user's device. Thanks to this, it is equally convenient to work with the system both on a personal computer and on a tablet or smartphone.

Tasks to be solved

The system solves all the necessary tasks related to the application of the Public Key Infrastructure (PKI) throughout the enterprise:

• Key Media Lifecycle Management
• accounting for CIPF used at the enterprise
• logging and auditing the actions of administrators and users with key media
• automation of user certificate management processes
• backing up key information
• providing employees with a self-service mechanism to quickly solve the main tasks of using key media