Help in implementing a PKI/Smart Card Infrastrucutre

• Previous message: Greg Zygadlo: "A/D Permissions"
• Next in thread: S. Pidgorny : "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
• Reply: S. Pidgorny : "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 11 Mar 2005 18:39:22 -0800

Ladies and Gentlemen:

I need help in getting ANYONE to talk to me about implementing Smart
Card/PKI in my small business. From reading "Windows Server 2003 PKI and
Certificate Security" by Brian Komar and
"Windows Server 2003 Security Infrastructures" by Jan De Clerq, I know PKI
and how it is implemented in Windows 2003/XP Active Directory pretty well.
I have already implemented a two tier CA infrastructure using Windows 2003
Enterprise Servers. I only use Enterprise Servers in my small business
because Small Business Server and Standard Server have a crippled PKI. I
run a Windows 2003 native AD domain with Windows 2003, Windows XP and Linux
machines. I use certificates for e-mail and IPSec authentication on my
LAN/WAN.

I would like to expand my PKI to include smart card logon. I have already
decided on the hardware choices; FIPS 140 Level 3 compliant hardware is
preferred. My challenge is getting anyone from GemPlus, Rainbow
Technologies, etc to talk to anyone of my size. I have tried calling
vendors such as GemPlus and Rainbow Technologies, but get no response. My
impression is unless I am a Fortune 500 company with tens of millions of
dollars to spend, Smart Card/PKI vendors will not give me the time of day.

Even Bill Gates has stated that passwords are a failed policy and two-factor
authentication is really the way to go. I know Microsoft has implemented
smart cards in their infrastructure. It would be a great help to small
businesses like mine for Microsoft to share/help/facilitate the
implementation of Smart Cards/PKI for small businesses. As this is a
security issue, it would appear to be a win-win for all parties involved.

If anyone, MS or non-MS, can help guide me to people who can help my small
business purchase the hardware I need to implement smart cards, it would be
greatly appreciated. For MS folks that may frequent this news thread, I
will be attending a Microsoft .NET three day seminar in Santa Monica March
14-16. If anyone from MS can contact me at this event to help, it would be
much appreciated.

Regards,

Edward W. Ray
CISSP, MCSE 2003+Security, P.E., GCIA, GCIH
President, MMICMAN LLC
ewray at mmicman dot com
(714) 926-4514

• Previous message: Greg Zygadlo: "A/D Permissions"
• Next in thread: S. Pidgorny : "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
• Reply: S. Pidgorny : "Re: Help in implementing a PKI/Smart Card Infrastrucutre"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]