The BlackVault CA is a Certificate Authority with an integrated Hardware Security Module that simplifies and secures the implementation and operation of PKI infrastructures. Ready to deploy purpose built FIPS level 3 CA appliance that performs:
The BlackVault CA supports both networked and off-line (air-gapped) applications, and is easily transported to a secure room or safe without loss or compromise of cryptographic material. It also delivers the latest secure CA features, including Enrollment over Secure Transport (EST) protocol, as well as OCSP, and a full suite of advanced cryptographic algorithms (including Suite B).
The BlackVault CA maintains and updates the CRL as certificates are revoked. The CRL is accessed using the Online Certificate Status Protocol (OCSP).
Military Grade Tamper Reactive
To make the BlackVault CA EST Server as easy to utilize as possible, there is an integrated Representational State Transfer (ReST) API to automate and simplify secure client key enrollment and renewal integrated into its core functionality. Through the RESTful API devices enroll, and renew certificates programmatically.
|Industrial Internet of Things|
|BlackVault CA specifically targets Industrial IoT's security need for secure identity authentication. Establishing the foundation of trust that IIoT systems, devices, applications, and users need to safely interact and exchange sensitive data. Specifically the BlackVault CA's support for ECC and EST enables IIoT devices to readily achieve Certificate based authentication.|
Secure identity authentication for:
Offline Root Certificate Authority
Virtual Private Network Authentication
The BlackVault CA Certificate Authority facilitates secure connection establishment between VPN gateways by providing an X.509 authentication method to validate identities. Operating as a CA Appliance with an intuitive configuration sequence enables un-certifieds to readily secure authenticated Virtual Private Networks.
VPN gateway Certificate Signing Requests are input by a command line copy-and-paste method or via the Simple Certificate Enrollment Protocol (SCEP). The Certificate Revocation List is retrieved by VPN gateways using Online Certificate Status Protocol (OCSP).
Wired Virtual Private Network
Commercial Solutions for Classified
The Government’s CSfC program creates profiles for a layered combination of commercially available solutions to construct classified networks using VPNs. One of the key components of this network is the Certificate Authority.
The BlackVault CA with Suite B cryptography, advanced HSM functionality and intuitive controls improves the security of CSfC networks while simplifying their operation and minimizing their footprint.
CSfC Campus IEEE 802.11 Wireless Local Area Network