vSEC:CMS on Azure

The vSEC:CMS on Azure is an innovative, easily integrated and cost-effective Credential Management System (CMS) that will help you deploy and manage credentials within your organization. vSEC:CMS will change your views on how to manage the lifecycle of physical and virtual credentials. Organizations can run vSEC:CMS in public clouds, private clouds and hybrid clouds.

Vendor Independent

vSEC:CMS is fully functional with minidriver enabled credentials such as smart cards, USB tokens and virtual smart cards including Windows Hello for Business (WHfB) and it streamlines all aspects of managing credentials by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers… the list goes on. With vSEC:CMS organizations can issue credentials to employees, personalize the credentials with authentication credentials and manage the lifecycle of the credentials – directly from the cloud.

Versasec Core Connections

Secure

A cornerstone of vSEC:CMS is security, all sensitive data and keys are secured using hardware. Operators of the system are authenticated using two-factor authentication and all usage is securely audited for full traceability.
The main task of a CMS is to securely connect user identities (credentials) into an enterprise systems and maintain this connection throughout the lifecycle of the credential. That implies the need of secure communication with several external systems.

Demonstration and Free Consultation

You can schedule a demo or contact our Versasec team for a free consultation.

Instant Access

vSEC:CMS is available on the Azure Marketplace. Once the Azure VM has been launched, vSEC:CMS is ready to use in Evaluation Mode. During the evaluation, you can configure your environment with up to 5 licenses and your own use cases. Each license manages one credential. Additional licenses can be acquired as a subscription or as a perpetual license. Please contact a Versasec reseller or Versasec directly to proceed.

Instant Setup!

It’s easy to get started and you can have the most common configuration (Windows Credential Logon) set up in minutes instead of days following our step-by-step tutorials. Once you have the initial use case configured you can build from there adding: User Self Service, Remote Operators and support for other secure devices including Virtual Smart Cards and Windows Hello for Business (WHfB). We support many different use cases; configuration options and our feature set are vast.

Use Case Guide: Windows Credential Logon

We will guide you through the initial setup all the way to you issuing and managing the lifecycle of your secure devices. Follow this guide on our Support Portal: Windows Credential Logon
Note: The PKI used in this example use case will be an MS CA. Other PKIs are also supported.

Documentation

Complete Documentation is found on our Support Portal

Product News:

Meet vSEC:CMS 7.3 – Advancing Orchestration and Governance with Microsoft Sentinel Integration and YubiKey as a Service

  • New Versasec Codeless Connector for Microsoft Sentinel: Versasec introduces an integration built on Microsoft’s Codeless Connector Framework (CCF). You can now stream vSEC:CMS events directly into Sentinel’s Log Analytics tables.
  • Support for Thales SafeNet IDPrime DI 930 FIDO 2.0 Smart Card.
    Expanding options for enterprises seeking a contact- and contactless-authenticator that supports both PKI and FIDO 2.0 technologies.
  • Support for the Thales SafeNet eToken Fusion BIO (Standard & Enterprise Features) Tokens.
    Both the Standard and those featuring Thales Enterprise Edition are supported by vSEC:CMS. This integration allows enterprises to deploy and manage the enrollment and management of fingerprints for authentication purposes.
  • Versasec provides enterprise-grade lifecycle management for the HID Crescendo 4000 series through its vSEC:CMS (on-premise) and vSEC:CLOUD (managed service) platforms. Because the Crescendo 4000 is a “minidriver-enabled” card, the Crescendo 4000 integrates natively with Versasec’s orchestration to handle everything from initial issuance to retirement.
  • FIDO Support for the HID Crescendo C2300 Cards. Versasec has officially expanded its support for the HID Crescendo C2300, moving beyond its long-standing PKI management to include full FIDO2 lifecycle orchestration.
  • Version 7.3 debuts a new built-in report framework featuring pre-made reports to provide immediate visibility into credential data. Integration with YubiKey as a Service allows organizations to ship pre-registered YubiKeys with FIDO2 passkeys directly from the credential management systems to the end-user. Bypassing complex manual security logistics and delivering a streamlined, zero-touch workflow for both administrators and end-users.
  • Configuration Export streamlines environment management by allowing administrators to export their entire system setup into a machine-readable JSON file. This capability is particularly valuable for performing audit comparisons between different CMS instances, such as identifying configuration drift between a test lab and a production system.
  • Versasec has expanded the accessibility of its suite by adding Canadian French language support to the vSEC:CMS Agent application.

Migrate to vSEC:CMS

vSEC:CMS includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.

Check out the details on how to upgrade from:

Resellers

The product can be purchased from authorized vSEC:CMS integrators and resellers, or directly from Versaseccontact Versasec to let us help you find the best way forward.

Videos

The vSEC:CMS video content can be found here.

Supported Credentials

Versasec strives to support as many credential types as possible in all of Versasec’s products. We support PIV, PKI, Virtual, Physical Access, Logical Access, and FIDO/PIV, and FIDO only credentials. Versasec does not lock you in to one provider, we are credential-agnostic. The number of supported credential types is continuously increasing with every new product version. If you are using a credential that is not on the list, please contact Versasec to check if and when your credential will be supported. Supported Credentials: https://versasec.com/products/supported-credentials/

Product Features

The table below highlights the key features in the Versasec credential management product suites.

 

vSEC:CLOUD

vSEC:CMS

User-Side Credential Operations

Agent-Side Credential Operations

  • Admin Key Change
  • Online Unblock User PIN
  • Offline Unblock User PIN (Operator Side)
  • User PIN Policy Update
  • Certificate Management (pfx or p12 Import, Delete)

Advanced Credential Operations

  • Admin Key Diversification
    from Hardware Protected Masterkey
  • User Fingerprint Policy Update
  • Batch Mode Support
  • Interface Management
  • Custom Data on Credential Management
  • Contact and Contactless (NFC)
  • Credential Ordering and Shipping

Database

  • Credential Repository
  • SQL-based Databases
  • Backup / Restore
  • Multi-forest & Multi-domain

Credential Management System Features
 

vSEC:CLOUD

vSEC:CMS

Product Features

Advanced Management Features

  • User Self-service and MS Credential Provider
  • Key Archive and Key Restore
  • Smart Card Stock Management
  • Granular Operator Permissions and Access Control
  • Card Printing and Batch Processing
  • Photo Capturing
  • Remote Security Device Management (RSDM)
  • Certificate Management using ACME
  • FIDO2 Enterprise Management

Systems Integrations

  • Certification Authorities
  • User Directories
  • Physical Access System (RFID)
  • Identity Providers (IdP)
  • Windows Event Log
  • Mail Server
  • Hardware Security Module (HSM)

Integrations/APIs

Server-Side
  • SQL Database Interface
  • SOAP Helpdesk API
  • SOAP Lifecycle API
  • REST Lifecycle API
Client-Side
  • COM API
  • Web Start API
  • Plugin API
  • Physical Access System (PACS) API
 

vSEC:CLOUD

vSEC:CMS

Licensing/Packaging

Managed by Versasec

  

Subscription

Perpetual Licenses

  

Installation Package

  

NOTE
✔ – The credential is supported by the product.
L – Known limitations – check release notes.
For details about validated middleware/minidrivers check the Versasec support portal or contact us.

vSEC:CMS

Our product suite provides all the software tools to administrate and manage credentials in a secure and convenient way.

Start here

Free Product Trial

Versasec provides enabling IT security products centered on the usage of security devices such as smart cards. Our solutions enable customers to securely authenticate, issue and manage user credentials more cost effectively. Get a free product trial.

Job Openings

We are always looking for new exceptional persons to join our team! Find out more about our job openings.

New to credential management?

SCMS = Smart Card Management Systems
CMS = Credential Management System
Have a look at the Wikipedia definition of a ‘Smart Card Management System’.

Versasec Support

Versasec customers with an existing support and maintenance contract can access the Versasec Support Portal, offering extensive professional support and maintenance services. The Versasec Support Portal offers a variety of services, allowing for customers and any site visitor to communicate directly with support engineers.

Visit Support

Company Blog

Our blog addresses the latest security trends and stories. The posts discuss how identity and access management are playing a larger role in keeping corporate data safe as well as brand reputations intact.

Visit our Blog