1

Comodo Certificate ManagerSimple, Automated & Robust SSL Management from the #1 Provider of Digital Certificates

Datasheet

2

Introduction

CCM Overview

Certificate Discovery

Certificate Lifecycle Management

- Instant Issuance

- Configuration & Installation

- Remediation

- Renewals

Automation

Private Certification Authority Service

Code Signing in the Cloud

Administration

About Comodo

Technical Specifications & Features

Table of Contents3

4

5

6

7

8

9

10

11

12

3

IntroductionDigital certificate management is complex and can be difficult to manage effectively without the right visibility, tools and poli-cies in place. In today’s environment where no one is safe from a cyber-attack, organizations need to continually monitor their web security posture to prevent or minimize damage from sophisticated attackers that are looking for any opening to exploit.

Most medium to large enterprises have multiple websites, devices and web applications that require a large volume of digital certificates across their environment, including public facing websites. Often certificates need to be issued quickly by multiple administrators across different organizations, business units and countries. Keeping track of dozens (or possibly hundreds) of certificates in any environment can quickly become a challenge for administrators. Certificates need to be purchased, deployed and renewed when they have expired, which all takes time, especially when multiplied over the dozens or even hundreds of applications and domains that exist in many enterprises. Ignoring or mishandling even a single one of them can lead to unin-tended vulnerabilities that are susceptible to threats.

That’s why enterprises today need a secure digital certificate management portal like Comodo Certificate Manager (CCM) so that they can have complete control and visibility to manage their certificate needs and to strengthen their web environment. CCM is a critical solution for enterprises to protect their business, their brand, and their customers.

Why enterprises need a certificate management solution:

� Real-time visibility into your entire website and web applications environment and inventory to maintain a secured environment

� Website, application & business continuity

� Maintain compliance to enterprise and industry policies

� Increase operational efficiency while reducing costs

CCM Datasheet

www.ccm.comodo.com

4

Comodo Certificate Manager OverviewSimple, Automated & Robust SSL Management from the #1 Provider of Digital Certificates

CCM takes the complexity, cost and time out of managing digital certificates. Through a cloud-based platform, CCM enables en-terprises to have complete visibility and lifecycle control over any certificate in their environment along with the tools, support and products to reduce risk, quickly respond to threats and control operational costs. With CCM customers receive the most advanced certificate management solution available, along with industry leading 24x7 support backed by the #1 leading brand in digital certificates.

Entire lifecycle management for all your digital certificates from one easy-to-use online platform.

� Domain Validation (DV) certificates

� Organization Validation (OV) certificates

� Extended Validation (EV) certificates

� Multi-domain certificates

� Wildcard certificates

With CCM enterprises can instantly issuance, deploy and revoke certificates to quickly scale up or down projects; have complete administration control and create custom rules for certificate requests; benefit from a lower total cost of SSL ownership, and protect their brand with a publicly trusted root compatible with all major browsers and operating systems that will eliminate self-signed certificates and “certificate not trusted” errors. Easy deployment, configurable controls, and fast scanning are capa-bilities critical for large and growing enterprises.

� Device certificates

� Private certificates (Private CA)

� Self-signed certificates

� Code signing & EV code signing certificates

� S/MIME email certificates

CCM Datasheet

www.ccm.comodo.com

#1 market leader in SSL/TLS certificates*

99.9% trust recognition from browsers

OVERINDUSTRY BESTTHE

MORE THAN OVER OVER

25%of the Fortune 1,000 use Comodo SSL solutions

700Kbusinesses in 150+ countries use Comodo solutions

7.5Bcertificate revocation lookups per day

The Industry Leader in Digital Certificate Solutions

70M+ certificates issued worldwide

*Netcraft report: September 2017

5

Certificate DiscoveryComprehensive scanning to discover all certificates in your environment regardless of the CA

Built into the cloud-based console, the certificate discovery feature quickly scans your private and public networks, detects all SSL/TLS certificates currently in use regardless of the issuing Certificate Authority (CA), identifies important configuration de-tails, and presents the data back to you in an organized, intuitive management dashboard. When administrators have real-time visibility, they can make the right decisions and take the necessary actions to protect their environment.

Certificate Discovery also provides tools and guides so that enterprises can mitigate the risks of non-compliance, maintain industry best practices and adhere to corporate and compliance policies. Standard and customized reporting also includes security and vulnerability ratings on all SSL/TLS certificates, helping administrators quickly identify and take corrective actions.

Your Marketing Platform URL Key features

� Configurable network scans across different parts of the network

� Agent and agentless deployment options for load-bal-ancers and servers

� Comprehensive, interactive dashboard with an easy to use interface and drill-down capabilities

� Custom notifications for in-console alerts or by email

� Get information across all SSL certificates, whether they are self-signed or issued by another CA

� Quickly identify and remediate rogue certificates

� Create custom detailed reports that include upcoming expirations, key length, hashing algorithms, and more

� Prevent down time from unexpected expirations with notices through email notifications and console alerts

“More than half of companies have at one point lost a digital certificate, or there were certificates on their

network whose origins could not be accounted for.”

CCM Datasheet

www.ccm.comodo.com

6

Your Marketing Platform URL

CCM lifecycle management capabilities include:

Instant IssuanceInstantly issue, DV, OV, or EV SSL certificates for every pre-validated domain. Role-based user ac-cess enables individuals or teams the ability to is-sue certificates across the organization so that se-curity can be quickly turned on for any web based project.

Configuring & InstallationAutomatic configuration and installation of certifi-cates using SCEP, REST, or EST to automate certifi-cate deployment across the network.

RemediationReal-time alerts enable administrators the ability to spot potential weaknesses and remotely fix or revoke certificates on demand.

RenewalsCertificates can be manually renewed set for au-tomatic renewal to avoid unintended expirations or downtime.

Certificate Lifecycle ManagementFull control, visibility and simple management for issuing, installing, remediating and renewing certificatesNetwork environments are continually expanding to include new secure web-based projects; this shift in ensuring a secure web environment means more demands on managing certificates. Managing multiple certificates with differing expiration dates (including ones issued by different vendors) creates challenges for even the most sophisticated enterprise. For enterprises with a large web environment, the process of managing the lifecycle for every SSL certificate can lead to oversight, manual errors, improper configuration, weak ciphers, and unintended expirations. CCM reduces these risks by ensuring complete lifecycle management for all enterprise web assets.

CCM Datasheet

“Most organizations rely on spreadsheet-based tracking methods and manual processes to keep track of certifi-

cates, resulting in many undocumented installations and increased exposure to risks.”

Your Marketing Platform URL

www.ccm.comodo.com

7

AutomationSimplify issuance and deployment and spend less time manually managing certificatesWorkflow automation has become a necessity for administrators and it enables them to save time, save costs, cut down on hu-man errors, and improve business efficiency. Automation in website security helps enterprises maintain control while keeping secure and compliant. Through the CCM, APIs administrators can integrate directly into the platform and automate processes of the certificate lifecycle including purchasing, renewing, installing, revoking, or updating certificates across their entire envi-ronment.

CCM automation tools can also be used for setting up regular scans of a network, recording all discovered certificates and then checking that the certificate was deployed correctly to avoid mistakenly using an old certificate. The automation tools help by providing critical detection for misconfigured certificates and identify potential security vulnerabilities and assign each certifi-cate and server a grade along with offering remediation actions if needed.

Your Marketing Platform URL

“Certificate management platforms with automa-tion capabilities can reduce management time by up

to 60% when compared to manual management”

“225 Hours is the average time spent to manual-ly manage 50 certificate each year”

CCM Datasheet

www.ccm.comodo.com

8

Private Certification Authority ServiceIssue & manage private SSL certificates in CCMComodo Private CA is a feature in CCM designed to enable enterprises with a low-cost way to secure and manage their private intranet certificates while adhering to corporate and industry compliance standards. Through the CCM platform administrators can issue, view and manage their intranet certificates alongside of their Comodo certificates all from a single platform helping them better avoid risks, errors, or hidden costs that can be associated with self-signed certificates.

Common uses for private certificates include:

� Intranet sites

� VPN or wireless authentication

� Device identification – mobile device deployments or BYOD

� Internet of Things (IoT) projects

� Securing communications between internal services

CCM Datasheet

www.ccm.comodo.com

9

Code Signing in the CloudSecure and manage code signing certificates by storing the keys in the Comodo CCM PKI infrastructureCode Signing certificates are used by software developers to digitally sign applications and software programs to prove that the file a user is downloading is genuine and has not been compromised. This is especially important for publishers who distribute their software through third-party download sites, which they may have no control over. Major operating systems will show end users an error message if the software they are trying to install is not signed by a trusted CA.

The CCM platform has both a hosted and cloud based service that provides a fast and simple interface through which devel-opers can upload, sign and quickly collect their signed software. The service ensures certificate keys are securely stored and available only to authenticated users, helping to mitigate the risk of accidental loss or theft and protect users from downloading compromised software. CCM is also capable of hash signing; developers can upload a hash of their files for signing instead of the file itself. The developer would then need to embed the hash with their files.

Code Signing provides authentication to assure customers that the file they are downloading is from the publisher named on the certificate. In addition, this also proves that the file has not been tampered with or hacked since it was signed.

Can be used to sign: � .EXE

� .DLL

� .CAB

� .MSI

� .OCX

� .SYS

� .JAR

� .APK

� WAR

� Adroid applications

CCM Datasheet

www.ccm.comodo.com

10

AdministrationCloud based platform to administer and manage digital certificate portfoliosCCM’s cloud-based management console enables centralized control, delegated administration, visibility and compre-hensive management for all SSL and code-signing certificates across an enterprise. The administrative features allow enterprises to have quick access to key data with a comprehensive dashboard view, enables them to customize their settings and control user’s roles and have access to a suite of full reporting capabilities.

Comprehensive dashboard for quick views

� Active/Revoked certificates

� Drill down by organization

� See certificates set to expire within 180 days

� See all certificates by CA

� View current state of all certificates requested and issued

Fully reporting capabilities

� Automated or on demand reporting

� Historical logs

� Certificates

� Private key controller

Adjustable settings & admin controls

� Private key store

� Set up and manage users by role

� Quickly add and manage domains & organizations

� Customizable notifications and email templates

� Create custom rule sets

Your Marketing Platform URL

Your Marketing Platform URL

Your Marketing Platform URL

CCM Datasheet

www.ccm.comodo.com

11

About ComodoThe Comodo organization is a global innovator of cybersecurity solutions, protecting critical information across the digital land-scape. Building on its unique position as the world’s largest certificate authority, Comodo authenticates, validates and secures networks and infrastructures from individuals to mid-sized companies to the world’s largest enterprises. Comodo provides complete end-to-end security solutions across the boundary, internal network and endpoint with innovative technologies solv-ing the most advanced malware threats, both known and unknown. With US headquarters in Clifton, New Jersey, the Comodo organization has offices in Silicon Valley, China, India, the Philippines, Romania, Turkey, Ukraine and the United Kingdom. For more information, visit www.comodo.com.

Keep up to date with our blog - https://blog.comodo.comFollow us on Twitter - Twitter@ComodoNews

Connect with us on LinkedIN - https://www.linkedin.com/company/comodo

CCM Datasheet

www.ccm.comodo.com

12www.ccm.comodo.com

CCM Datasheet

Technical Specifications & Features � Certificate Discovery (SSL Handshake)

� Certificate Discovery (MS AD-MS CA - IIS)

� Server Certs – Included

� Email certs – Included

� Code Signing – Included

� Private Certificates

� Auto Enrollment of Certificates to all domain joined objects

� All validation types

� Lifecycle Management

� Self Enrollment Web Interface

� S/MIME Enrollment by Invitation

� Customized Web Interfaces

� Key Escrow

� Three-level Delegated Administration

� Bulk DCV

� Access Control based on Role and IP

� Cloud Code Signing Service

� Agent Based On Premise Code Signing Service

� Customized Web Interfaces

� S/MIME Enrollment by Invitation

� Auto Installation of SSL Certificates

- Apache

- IIS

- F5 Big IP

- BlueCoat

- IBM Websphere

- Citrix Netscaler

- Cisco ACE

- Imperva WAF

� Certificate Discovery (SSL Handshake)

- Microsoft CA

- Symantec MPKI

- GlobalSign MSSL

� SSH Key Management

� Unlimited Re-issues

� Federated Identity Login

� Certificate Support

� Lifecycle Management

� Self Enrollment Web Interface