vSEC:CMS C-Series on AWS

vSEC:CMS will change your views on how to manage the lifecycle of credentials. The vSEC:CMS C-Series on AWS is an innovative, easily integrated and cost effective Credential Management System or Credential Management System (SCMS or CMS) that will help you deploy and manage credentials within your organization. Organizations can run vSEC:CMS C-Series in public clouds, private clouds and hybrid clouds.

The vSEC:CMS C-Series is fully functional with minidriver enabled credentials and it streamlines all aspects of a credential management system by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers etc. With vSEC:CMS organizations can issue credentials to employees, personalize the credential with authentication certificates and manage the lifecycle of the credentials - directly from the cloud.

Vendor Independent

vSEC:CMS is fully functional with minidriver enabled credentials such as smart cards, USB tokens and virtual smart cards including Windows Hello for Business (WHfB) and it streamlines all aspects of managing credentials by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers... the list goes on. With vSEC:CMS organizations can issue credentials to employees, personalize the credentials with authentication credentials and manage the lifecycle of the credentials - directly from the cloud.

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

vSEC:CMS Connectors (see figure above)

  1. 1. Badge Printers for Batch Operations
  2. 2. User Directory for User Look Up
  3. 3. File & Database Servers
  4. 4. Secure Transport of PIN Codes
  5. 5. Event & Log Management
  6. 6. User Photo Capture
  7. 7. Certificate/PKI Services
  8. 8. Physical Access Control Systems
  1. 9. Hardware Security Module
  2. 10. Secondary Authentication (IdP/OIDC/SMS/email)
  3. 11. Key Archival & Key Recovery
  4. 12. vSEC:CMS Admin - System Administration
  5. 13. Remote Security Device Management
  6. 14. Credentials: Physical & Virtual Smart Cards/Tokens
  7. 15. vSEC:CMS User - End-user Self-service applications
  8. 16. vSEC:CMS Agent - Operational Management Interface

Demonstration and Free Consultation

You can schedule a demo or contact our Versasec team for a free consultation.
To find a local partner, please check our Versasec Partner Network page.

Secure

A cornerstone of vSEC:CMS is security, all sensitive data and keys are secured using hardware. Operators of the system are authenticated using two-factor authentication and all usage is securely audited for full traceability.
The main task of a CMS is to securely connect user identities (credentials) into an enterprise systems and maintain this connection throughout the lifecycle of the credential. That implies the need of secure communication with several external systems.

Instant Access

vSEC:CMS C-Series is available on the AWS Marketplace. Once the AWS Instance has been launched, vSEC:CMS is ready to use in Evaluation Mode. During the evaluation, you can configure your environment with up to 5 licenses and your own use cases. Each license manages one credential. Additional licenses can be acquired as a subscription or as a perpetual license. Please contact a Versasec reseller or Versasec directly to proceed.

Instant Setup!

It’s easy to get started and you can have the most common configuration (Windows Credential Logon) set up in minutes instead of days following our step-by-step tutorials. Once you have the initial use case configured you can build from there adding: User Self Service, Remote Operators and support for other secure devices including Virtual Smart Cards and Windows Hello for Business (WHfB). We support many different use cases; configuration options and our feature set are vast.

Use Case Guide: Windows Credential Logon

We will guide you through the initial setup all the way to you issuing and managing the lifecycle of your secure devices. Follow this guide on our Support Portal: Windows Credential Logon
Note: The PKI used in this example use case will be an MS CA. Other PKIs are also supported.

Documentation

Complete Documentation is found on our Support Portal

Product News

vSEC:CMS Version 6.1 is now available. A press release about this version is available here. The new version incorporates a variety of enhancements, updates and automated tasks, including the following:

  • vSEC:CMS Agent - A brand new Windows application dedicated to credential management.
    • Versasec is an IAM provider that helps businesses manage their access-enabling devices.
  • vSEC:CMS Admin - We have renamed the Operator Console and it is now going to be more focused on configuration and administration, and less on operational tasks.
  • vSEC:CMS User Self-Service - The end-user interface to vSEC:CMS has been updated and now Mac and Windows users get a more similar experience and on the Windows platform the application is now available from the Microsoft Store: https://www.microsoft.com/store/apps/9NQZS0JTTWK7
    • Versasec is an IAM provider that helps businesses manage their access-enabling devices.
  • Credential template management is improved and now allows for template changes that can be applied during both local and remote/self-service credential updates.
  • Significant performance improvements from version 6.0 for all credential management operations.
  • Support for use of MySQL and MariaDB as the main database for vSEC:CMS.
  • Now supports Futurex VirtuCrypt HSM.
  • Updated Badge Layout functionality.
  • Microsoft Windows Hello for Business (WHfB) issuance improvements.
  • Improvements in CryptoVison card support.

vSEC:CMS Suite

More information about the complete vSEC:CMS product suite can be found here. vSEC:CMS Suite

Migrate to vSEC:CMS

vSEC:CMS S-Series includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.

Check out the details on how to upgrade from:

Resellers

The product can be purchased from authorized vSEC:CMS integrators and resellers, via our partners reseller network or contact Versasec directly to let us help you find the best way forward.

Videos

The vSEC:CMS video content can be found here.

Supported Credentials

 

vSEC:TOOL

vSEC:CMS

Supported Credentials

K

S

C

ACS ACOS5-64

Aventra MyEID 4.5

Avtor CryptoCard 337

Atos CardOS v4.4

Atos CardOS v5.3

Cryptovision SCinterface

Key-ID PKI

Feitian ePass FIDO-NFC K9/PlusK9/K40

Feitian BioPass FIDO2 Plus K27/K26/K45

Feitian eJava Token

Feitian SmartCard

Feitian ePass2003

Feitian ePass2003 PKI eJava Token

Feitian ePass2003 PKI SmartCard

Feitian Fingerprint_Smart_Card_F2000

Feitian iePass_FIDO_PIV_K44

Thales IDPrime .NET 510

Thales IDPrime .NET 5500

Thales IDPrime MD 830

Thales IDPrime MD 840

Thales IDPrime MD 930

Thales IDPrime MD 940

Thales IDPrime MD 3810

Thales IDPrime MD 3840

Thales IDPrime MD 3930

Thales IDPrime MD 3940

Thales IDPrime MD 3940 FIDO

Thales IDPrime PIV 2.1

Thales IDPrime PIV 3.0

Thales IDPrime Virtual

Thales MultiApp ID

Thales Safenet eToken 5110 FIPS

Thales Safenet eToken 5300

HID Global Crescendo C200

HID Global Crescendo C1150

Identiv uTrust MD

Longmai mToken CryptoID

Microsoft minidriver enabled devices

Microsoft Windows Hello for Business

Idemia ypsID S2

Idemia ypsID S3

Idemia ID-One Cosmo 8.1 IAS ECC

Idemia ID-One PIV 8.1

Open FIPS 201 Applet

SafeTrust-PIV on Placard

Taglio C2

Taglio PIVKey

TCOS TeleSec IDKey

Virtual Smart Cards

Yubico YubiKey 5 NFC/5C/5 Nano/5C Nano

Yubico YubiKey 4/4 Nano/4C/4C Nano

Yubico YubiKey NEO/NEO-n

NOTE
- The credential is supported by the product.
L - Known limitations - check release notes.
For details about validated middleware/minidrivers check the Versasec support portal or contact us.

The table below highlights the key features included in the vSEC:CMS product suite. Further detailed information about each product is provided from this table.

 

vSEC:TOOL

vSEC:CMS

Product Features

K

S

C

User-Side Credential Operations

Agent-Side Credential Operations

  • Admin Key Change
  • Online Unblock User PIN
  • Offline Unblock User PIN (Operator Side)
  • User PIN Policy Update
  • Certificate Management (pfx or p12 Import, Delete)

Advanced Credential Operations

  • Admin Key Diversification
    from Hardware Protected Masterkey
  • User Fingerprint Policy Update
  • Batch Mode Support
  

Database

  • Credential Repository
  • SQL-based Databases
  • Backup / Restore
  • Multi-forest & Multi-domain
  

Credential Management System Features

  
 

vSEC:TOOL

vSEC:CMS

Product Features

K

S

C

Advanced Management Features

  • User Self-service and MS Credential Provider
  • Key Archive and Key Restore
  • Smart Card Stock Management
  • Granular Operator Permissions and Access Control
  • Card Printing and Batch Processing
  • Photo Capturing
  • Remote Security Device Management (RSDM)
  • Certificate Management using ACME
  

Systems Integrations

  • Certification Authorities (MS CA, Entrust, DigiCert, EJBCA, GlobalSign...)
  • User Directories (LDAP, MS AD)
  • Physical Access System (RFID)
  • Identity Providers (IdP) using OpenID Connect (OIDC)
  • Windows Event Log
  • Mail Server (for PIN mailing)
  • Hardware Security Module (HSM)
  

Integrations/APIs

Server-Side
  • SQL Database Interface
  • SQL High Availability - Microsoft Always On
  • SOAP Helpdesk API
  • SOAP Lifecycle API
Client-Side
  • COM API
  • Web Start API
  • Plugin API
  • Physical Access System (PACS) API
  
 

vSEC:TOOL

vSEC:CMS

Licensing/Packaging

K

S

C
Freeware
    
Perpetual Licenses
    
Subscription
  
Stand Alone Application
    
Installation Package
    
Ready To Deploy Image
    

The feature is included in the product.