PacStar IQ-Core Crypto Manager (CM)
September 10, 2021
Watch this video to learn how IQ-Core Crypto Manager (CM) helps you overcome challenges related to managing systems based on public key infrastructure (PKI) and virtual private networks (VPN).
Video Transcript for the hearing and visually impaired
I'm Charlie Kawasaki, Chief Technical Officer of PacStar. My goal is to share with you the power and benefits of IQ-Core Software Crypto Manager or CM, designed to overcome challenges in managing public key infrastructure (PKI) and virtual private networks (VPN)-based systems.
The military is aggressively modernizing its communications networks and concept of operations to achieve and maintain overmatch, maximize mobility, and operational flexibility. As a result, tactical networking programs face intense pressure to utilize commercial off-the-shelf (COTS) technologies including technologies to secure communications over untrusted networks. This results in operators confronted with multiple vendor user interfaces requiring extensive training time and leading to complex and error prone configuration, long setup time, and high downtime. This is particularly true for certificate-based PKI-enabled VPN solutions which can be complex and where small misconfigurations can create significant security issues.
IQ-Core CM enables organizations to field information assurance or STIG compliant PKI and VPN systems for sensitive but unclassified or CUI networks, and it's transformational for commercial solutions for classified (CSfC) or other dual-tunnel networks which have twice the complexity because they require two sets of layered independent PKI and VPN systems. IQ-Core CM enables organizations to overcome this complexity for wireless LAN, WAN and many solutions and classified networks by managing the most popular NSA-certified COTS components including IPSsec gateways, firewalls, certificate authorities or CAs and more. It also overcomes complexity by reducing configuration errors typical in VPN setup, simplifying the creation, management and expiration of digital certificates and providing real-time monitoring of system status along with events and alerts.
Let's take a quick look at some of IQ-Core CM's main features that make this software so powerful. This is a dashboard view of a CSfC system with an outer VPN tunnel between two VPN gateways shown at the top. Below is an inner VPN tunnel which is not yet configured and as a result the end-user devices are not reachable and are red. IQ-Core CM includes wizards that automate end-to-end the setup for PKI enabled VPNs. This automation integrates multiple devices from multiple vendors. Using the add VPN wizard the task can be completed by simply filling out a few screens. The default values can be set in advance, making this as easy as clicking on a few next buttons. This wizard creates a public-private key pair on the VPN device, creates a certificate signing request, automates certificate signing and loads, and configures the VPN tunnel. Now, the VPN tunnel and the end-user devices go green. This was completed in just a few seconds without the hair-pulling and extensive manual configuration typically associated with these types of tasks.
In addition to wizards, our software manages PKI and VPN devices popular with defense and government organizations. For example, it manages CAs, the software responsible for issuing managing and signing certificates for PKI. It manages the list of issued and revoked certificates and their properties and expiration dates and it lets you view, sign, export and revoke certificates and manually publish the certificate revocation list or CRL. IQ-Core CM can manage all of the CAs currently on the NSA CSfC-approved components list including ISC cert agent and Red Hat certificate services as well as the Microsoft CA. Though, these are different systems, their user interfaces in IQ-Core CM are nearly identical, dramatically reducing the training requirements and configuration errors.
Our software also manages many of the popular VPN gateways and mobility controllers on the CSfC components list. It includes extensive capabilities such as provisioning and managing users, requesting and importing device certificates, inspecting configuration parameters, adding and removing keys and adding complete VPN configurations.
IQ-Core CM is field-proven and works in conjunction with IQ-Core Network Communications Manager and IQ-Core Remote Operations and Management, automating many other security, configuration management and continuous monitoring tasks not shown in this brief demonstration, enabling organizations to meet policy and process requirements for secure systems transmitting information up to top secret.
To learn more about how IQ-Core software can benefit your organization, you can find information on our website including datasheets and whitepapers. You can also request a discussion with one of our experts or ask for a free evaluation copy right from our website.
We think you'll quickly discover why we say IQ-Core software enables warfighters to fight the battle and not the network.