MS Exchange Design

Contact us to discover the best way to enable S/MIME Support, Digital Signatures, and Email Encryption in your Exchange environment. Microsoft Exchange consumes PKI derived certificates (don’t be tempted to leave the self-signed certificates in place) for the: Hub Transport Server, the Client Access Server, the Edge Transport Server, the Mailbox Server and Unified Messaging.

Direct Access Design

DirectAccess requires a Public Key Infrastructure (PKI) to provide X.509 certificates for security. DirectAccess requires a range of certificates, including server and client certificates, IPsec certificates. Certificates for Microsoft Forefront Unified Access Gateway (UAG) etc.

The design also has requirements for Autoenrolment and manual enrolment. There are additional requirements for internal and external CRL publication points. Further consideration should be given to use suit B cryptographic algorithms etc.

BitLocker and EFS Design

Contact us for in-depth help in the planning of Microsoft BitLocker Administration and Monitoring (MBAM) deployments. We can help with BitLocker provisioning, deployment, improve compliance and reporting on while reducing support costs. Most important of all, ensure that no laptop ever has data that is permanently locked out from its user because of poorly managed, stolen or lost Bitlocker keys.

Microsoft Services

Primarily our approach to the Microsoft Distributed Enterprise is through solid security underpinning usually based on sound regulatory compliance that fits the business that we are consulting for.

Compliant PKI infrastructure is one thing, but we are equally at home designing, deploying and commissioning the full range of Microsoft Enterprise Products; this means that we can offer an extended service that is not just confined to PKI.