vSEC:CMS on Azure

The vSEC:CMS on Azure is an innovative, easily integrated and cost-effective Credential Management System (CMS) that will help you deploy and manage credentials within your organization. vSEC:CMS will change your views on how to manage the lifecycle of physical and virtual credentials. Organizations can run vSEC:CMS C-Series in public clouds, private clouds and hybrid clouds.

Vendor Independent

vSEC:CMS is fully functional with minidriver enabled credentials such as smart cards, USB tokens and virtual smart cards including Windows Hello for Business (WHfB) and it streamlines all aspects of managing credentials by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers… the list goes on. With vSEC:CMS organizations can issue credentials to employees, personalize the credentials with authentication credentials and manage the lifecycle of the credentials – directly from the cloud.

vSEC:CMS Connectors

1. Badge Printers for Batch Operations
2. User Directory for User Look Up
3. File & Database Servers
4. Secure Transport of PIN Codes
5. Event & Log Management
6. User Photo Capture
7. Certificate/PKI Services
8. Physical Access Control Systems
9. Hardware Security Module
10. Identity Provider (Secondary Authentication and FIDO2)
11. Key Archival & Key Recovery
12. vSEC:CMS Admin – System Administration
13. Remote Security Device Management
14. Credentials: Physical & Virtual Smart Cards/Tokens
15. vSEC:CMS User – End-user Self-service applications
16. vSEC:CMS Agent – Operational Management Interface

Secure

A cornerstone of vSEC:CMS is security, all sensitive data and keys are secured using hardware. Operators of the system are authenticated using two-factor authentication and all usage is securely audited for full traceability.
The main task of a CMS is to securely connect user identities (credentials) into an enterprise systems and maintain this connection throughout the lifecycle of the credential. That implies the need of secure communication with several external systems.

Demonstration and Free Consultation

You can schedule a demo or contact our Versasec team for a free consultation.
To find a local partner, please check our Versasec Partner Network page.

Instant Access

vSEC:CMS C-Series is available on the Azure Marketplace. Once the Azure VM has been launched, vSEC:CMS is ready to use in Evaluation Mode. During the evaluation, you can configure your environment with up to 5 licenses and your own use cases. Each license manages one credential. Additional licenses can be acquired as a subscription or as a perpetual license. Please contact a Versasec reseller or Versasec directly to proceed.

Instant Setup!

It’s easy to get started and you can have the most common configuration (Windows Credential Logon) set up in minutes instead of days following our step-by-step tutorials. Once you have the initial use case configured you can build from there adding: User Self Service, Remote Operators and support for other secure devices including Virtual Smart Cards and Windows Hello for Business (WHfB). We support many different use cases; configuration options and our feature set are vast.

Use Case Guide: Windows Credential Logon

We will guide you through the initial setup all the way to you issuing and managing the lifecycle of your secure devices. Follow this guide on our Support Portal: Windows Credential Logon
Note: The PKI used in this example use case will be an MS CA. Other PKIs are also supported.

Documentation

Complete Documentation is found on our Support Portal

Product News

vSEC:CMS Version 6.7 is now available. The new version incorporates a variety of enhancements, updates and automated tasks, including the following:

Versasec adds Matica EDIsecure to its existing list of supported Smart Card printers. By leveraging a smart card printer organizations are not only able to print graphics onto the smart card it is also a great tool in larger deployments where Versasec can issue large batches of smart cards by leveraging the functionality of the printer.
Admins can now ensure FIDO tokens have PINs set during credential issuance, increasing security.
Managed certificates now have a dedicated repository for all transactions, including certificate issuance and revocation. Dedicated repository for managed certificates will facilitate traceability, and reporting.
Continuing towards the passwordless journey , Azure AD TAP functionality has been expanded. Now, admins are able to create TAP and distribute it on-demand, not just during credential issuance. Allowing TAP to be generated and delivered to already-in-use credentials.
General performance improvements including application start up, credential information loading, and more.
Added support for Thales SafeNet IDPrime 3930 FIDO.The SafeNet IDPrime 3930 is a dual FIDO-PKI device designed for combined FIDO-PKI-based use cases.
Enhanced user experience in the Admin application. Implementation includes a quick switch from Smart Card Repository to Managed Certificates Repository.

vSEC:CMS Suite

More information about the complete vSEC:CMS product suite

Migrate to vSEC:CMS

vSEC:CMS S-Series includes upgrade wizards that enables quick and simple upgrade paths from third party credential management systems.

Check out the details on how to upgrade from:

Resellers

The product can be purchased from authorized vSEC:CMS integrators and resellers, via our partner reseller network or contact Versasec directly to let us help you find the best way forward.

Videos

The vSEC:CMS video content can be found here.

Supported Credentials

	vSEC:TOOL	vSEC:CMS
Supported* Credentials
ACS ACOS5-64
Aventra MyEID 4.5
Avtor CryptoCard 337
Atos CardOS v4.4
Atos CardOS v5.3
Cryptovision SCinterface
Key-ID PKI
Feitian ePass FIDO-NFC K9/PlusK9/K40
Feitian BioPass FIDO2 Plus K27/K26/K45
Feitian eJava Token
Feitian SmartCard
Feitian ePass2003
Feitian ePass2003 PKI eJava Token
Feitian ePass2003 PKI SmartCard
Feitian Fingerprint_Smart_Card_F2000
Feitian iePass_FIDO_PIV_K44
Thales IDPrime .NET 510
Thales IDPrime .NET 5500
Thales IDPrime MD 830
Thales IDPrime MD 840
Thales IDPrime MD 930
Thales IDPrime MD 940
Thales IDPrime MD 3810
Thales IDPrime MD 3840
Thales IDPrime MD 3930
Thales IDPrime MD 3940
Thales IDPrime MD 3940 FIDO
Thales IDPrime PIV 2.1
Thales IDPrime PIV 3.0
Thales IDPrime Virtual
Thales MultiApp ID
Thales Safenet eToken 5100/5110 FIPS
Thales Safenet eToken 5300
Thales Safenet eToken FIDO
HID Global Crescendo 144K
HID Global Crescendo C200
HID Global Crescendo C2300
HID Global Crescendo C1150
Identiv uTrust MD
Longmai mToken CryptoID
Microsoft minidriver enabled devices
Microsoft Windows Hello for Business
Idemia ypsID S2
Idemia ypsID S3
Idemia ID-One Cosmo 8.1 IAS ECC
Idemia ID-One PIV 8.1
Open FIPS 201 Applet
SafeTrust-PIV on Placard
Taglio C2
Taglio PIVKey
TCOS TeleSec IDKey
Virtual Smart Cards
Yubico YubiKey 5 NFC/5C/5 Nano/5C Nano
Yubico YubiKey 4/4 Nano/4C/4C Nano
Yubico YubiKey NEO/NEO-n

* The supported credential table does not validate support of all possible credential features and integrations made within Versasec applications. Please contact Versasc or our partners for validation of your specific needs.

Product Features

The table below highlights the key features in the Versasec credential management product suites.

	vSEC:CLOUD	vSEC:CMS
User-Side Credential Operations Change User PIN Offline Unblock User PIN (User Side) Certificate Listing Card Information Support for a large set of credentials Available directly from the Microsoft Store
Agent-Side Credential Operations Admin Key Change Online Unblock User PIN Offline Unblock User PIN (Operator Side) User PIN Policy Update Certificate Management (pfx or p12 Import, Delete)
Advanced Credential Operations Admin Key Diversification from Hardware Protected Masterkey User Fingerprint Policy Update Batch Mode Support
Database Credential Repository SQL-based Databases Backup / Restore Multi-forest & Multi-domain
Credential Management System Features Full Credential & Certificate Lifecycle Management Seamless integration with MS Windows (domain and PKI) Always Available Migration Paths To and From vSEC:CMS Credential Template & Custom Workflow Management Windows Hello for Business (WHfB) management Virtual Smart Card support for enabling BYOD
	vSEC:CLOUD	vSEC:CMS
Product Features
Advanced Management Features User Self-service and MS Credential Provider Key Archive and Key Restore Smart Card Stock Management Granular Operator Permissions and Access Control Card Printing and Batch Processing Photo Capturing Remote Security Device Management (RSDM) Certificate Management using ACME FIDO2 Management
Systems Integrations Certification Authorities (MS CA, Entrust, DigiCert, EJBCA, GlobalSign...) User Directories (LDAP, MS AD, Azure AD) Physical Access System (RFID) Identity Providers (IdP) using OIDC and LDAP Windows Event Log Mail Server (for PIN mailing) Hardware Security Module (HSM)
Integrations/APIs Server-Side SQL Database Interface SOAP Helpdesk API SOAP Lifecycle API Client-Side COM API Web Start API Plugin API Physical Access System (PACS) API
	vSEC:CLOUD	vSEC:CMS
Licensing/Packaging
Managed by Versasec
Subscription
Perpetual Licenses
Installation Package

NOTE
✔ – The credential is supported by the product.
L – Known limitations – check release notes.
For details about validated middleware/minidrivers check the Versasec support portal or contact us.

vSEC:CMS

Our product suite provides all the software tools to administrate and manage credentials in a secure and convenient way.

Start here

Free Product Trial

Versasec provides enabling IT security products centered on the usage of security devices such as smart cards. Our solutions enable customers to securely authenticate, issue and manage user credentials more cost effectively. Get a free product trial.

Job Openings

We are always looking for new exceptional persons to join our team! Find out more about our job openings.

New to credential management?

SCMS = Smart Card Management Systems
CMS = Credential Management System
Have a look at the Wikipedia definition of a ‘Smart Card Management System’.

Versasec Support

Versasec customers with an existing support and maintenance contract can access the Versasec Support Portal, offering extensive professional support and maintenance services. The Versasec Support Portal offers a variety of services, allowing for customers and any site visitor to communicate directly with support engineers.

Visit Support

Company Blog

Our blog addresses the latest security trends and stories. The posts discuss how identity and access management are playing a larger role in keeping corporate data safe as well as brand reputations intact.

Visit our Blog

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
uncode_privacy[consent_types]	1 year	This cookie is set by Uncode WordPress theme and is used to manage privacy settings on the website.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_20104436_1	1 minute	Set by Google to distinguish users.
_gat_UA-20104436-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
NID	6 months	NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

vSEC:CMS on Azure

Vendor Independent

vSEC:CMS Connectors

Secure

Demonstration and Free Consultation

Instant Access

Instant Setup!

Use Case Guide: Windows Credential Logon

Documentation

Product News

vSEC:CMS Suite

Migrate to vSEC:CMS

Check out the details on how to upgrade from:

Resellers

Videos

Supported Credentials

Supported* Credentials

Product Features

User-Side Credential Operations

Agent-Side Credential Operations

Advanced Credential Operations

Database

Credential Management System Features

Product Features

Advanced Management Features

Systems Integrations

Integrations/APIs

Server-Side

Client-Side

Licensing/Packaging

vSEC:CMS

Free Product Trial

Job Openings

New to credential management?

Versasec Support

Company Blog

Sweden

United States

United Kingdom

Middle East

Asia

Germany