ÃÛÌÒTV

Best Practices 03-13-2015

Certificate Inspector: Agent Deployment Strategies

Using a certificate management platform reducesÌýthe stress of obtaining SSL Certificates and managing existing ones. However, the tools that you use to manage your certificates are only as effective as you make them.

The Certificate Inspector platform from ÃÛÌÒTV includes an agent that you install on networks that you want to scan. Using the agent and the web-based portal you can scan your network and then analyze the overall health of your certificate landscape.

In one of our recent posts, we discussed . This post focuses on deployment strategies for your Certificate Inspector agents. There are many ways to deploy the agent on your network. Note that your individual needs will determine how you decide to deploy your agents. Below are the two most common agent deployment strategies.

Deployment Strategy #1

In this first strategy, the ÃÛÌÒTV Certificate Inspector Agent has been installed on one network. From that network, the agent performs scans on other networks and subnets. One advantage of this strategy is that all of the networks in your environment can be scanned with just one agent. A disadvantage with this strategy is that it requires you to configure an exception in each network's firewall so that the agent can scan it.

Deployment Strategy #2

In this strategy, an agent is deployed in each network and subnet. The advantage of this strategy is that there is no need to configure an exception in the firewalls for the agent to scan other networks and subnets, leading to stronger security. The disadvantage with this strategy is that it requires installing one agent per network and subnet, whereas the previous strategy can scan all connected networks at once.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-27-2024

6 actionable ways to secure the IIoT at every stage

Tracking the progress toward post-quantum cryptography

The state of PQC since the publication of FIPS 203, 204 and 205