Need Advice on PKI and PKI research materials
tgfndotcom
Member Posts: 37 ■■□□□□□□□□
Our organization has been skirting around implementation of PKI, we are a microsoft shop so it is not a huge deal to follow microsoft best practices and build a internal PKI infrustructure.
As far as advice, we are in the process or multiple projects over the next few years, with the possiblilities of alot of Certificate usage (RMS, NAP, IPsec server isolation, Direct Access, Wired and Wireless 802.1x, networking team wants TLS if possible for Wireless, SCCM with external distribution point, sharepoint extranet for collaboration with other orgs, and i am sure there is more comming...)
I would like to see if anyone has a book, resource, cbt, something indepth on a scalable PKI for internal and external use, and options of different implementations.... I need to have a bit more information than i am finding to backup my thoughts and business analysis on how to build this infrustructure for our organization. Even some resources that show just external or internal choices to be made would help....
I have some time becuase i have tasked the security team to develop the Certificate policy and that will give me guidelines that they see as well as whatever i come up with
Any HELP would be great, i know there are some very intelligent people on these forums... that might be able to give a guy a point in the right direction..
thanks
As far as advice, we are in the process or multiple projects over the next few years, with the possiblilities of alot of Certificate usage (RMS, NAP, IPsec server isolation, Direct Access, Wired and Wireless 802.1x, networking team wants TLS if possible for Wireless, SCCM with external distribution point, sharepoint extranet for collaboration with other orgs, and i am sure there is more comming...)
I would like to see if anyone has a book, resource, cbt, something indepth on a scalable PKI for internal and external use, and options of different implementations.... I need to have a bit more information than i am finding to backup my thoughts and business analysis on how to build this infrustructure for our organization. Even some resources that show just external or internal choices to be made would help....
I have some time becuase i have tasked the security team to develop the Certificate policy and that will give me guidelines that they see as well as whatever i come up with
Any HELP would be great, i know there are some very intelligent people on these forums... that might be able to give a guy a point in the right direction..
thanks
Comments
I'll second that advice, I've been using the 2008 version for the last week as I'm designing a complete PKI architecture for a new Windows Server 2008 forest and the resource is extremely thorough.
I also need to re-write a complete Security Policy... and that's going to keep me busy for a while! (if anybody has any good resource on that, don't hesitate to let me know).
Here is a few links I've been using for the PKi:
http://blogs.technet.com/askds/archive/2009/09/01/designing-and-implementing-a-pki-part-i-design-and-planning.aspx
http://blogs.technet.com/askds/archive/2009/10/15/windows-server-2008-r2-capolicy-inf-syntax.aspx
http://technet.microsoft.com/en-us/library/cc778985(WS.10).aspx
SANS: Information Security Policy Templates
I spend hours on the sans website reading articles but didn't think of looking there for a template.