Versasec vSEC:CMS S-series User Licence (Server version) Best practice for a large to medium size enterprise (50+ users). vSEC:CMS will change your views on .. Product #: SMAV100MSC-S based on 0 reviews

vSEC:CMS S-series User Licence (Server version)

The vSEC:CMS S-Series is fully functional with minidriver enabled smart cards and it streamlines all aspects of a smart card management system by connecting to enterprise directories, certificate authorities, physicalaccess control systems, email servers, log servers, biometric fingerprint readers, PIN mailers... the list goes on. With vSEC:CMS organizations can issue smart cards to employees, personalize the smart card with authentication credentials and manage the lifecycle of the smart card - directly from the off-the-shelf product.

 Versasec is an IAM provider that helps businesses manage their access-enabling devices.

vSEC:CMS Connectors (see figure above)

1. Smart card printer for batch operations
2. User directory for looking up users
3. File and database servers
4. Secure transport of PIN codes
5. Event & log management
6. User photo capture
7. Certificate/PKI services
8. Physical access control systems
9. Hardware security module
10. Secondary/out-of-band communication
11. Key archival & key recovery
12. Credential provider -login screen interface
13. Remote security device management
14. User self-service application
15. Physical & virtual smart cards/tokens
16. Administrative operator console

The vSEC:CMS S-Series is fully functional with minidriver enabled smart cards and it streamlines all aspects of a smart card management system by connecting to enterprise directories, certificate authorities, physical access control systems, email servers, log servers, biometric fingerprint readers, PIN mailers... the list goes on. With vSEC:CMS organizations can issue smart cards to employees, personalize the smart card with authentication credentials and manage the lifecycle of the smart card - directly from the off-the-shelf product.

vSEC:CMS S-Series Version 5.5 is now available.  This newest version incorporates a variety of important new features.

vSEC:CMS 5.5 adds support for the following:

  • Fingerprint enrollment using Oberthur PIV 8.1 smart cards
  • Gemalto IDPrime MD 3940 smart cards
  • Gemalto PIV 3.0 smart cards
  • Identiv uTrust MD smart cards
  • R-END/R-MAC in the GlobalPlatform secure messaging for Oberthur PIV 8.1 (2.4.1-SPE)
  • PUC-based challenge/response PIN unblock for all vSEC:CMS supported PIV smart cards

New features within vSEC:CMS include the following:

  • Subscription-based licensing
  • Ability to export certificate data when performing life cycle / certificate operations.
  • Option to server-side import PKCS#12/PFX files for smart card issuance
  • HSM protected GlobalPlatform keys for Oberthur PIV 8.1 cards
  • Smart card delete function is added to the SOAP API
  • New configuration option to set if Operator Console shall do certificate requests to Microsoft CA directly or via vSEC:CMS server (proxy)
  • Added functionality to allow for the reconfiguration of MS SQL connection when the local internal database is empty
  • Ability to rebuild local cached database from MS SQL
  • Versasec-Activator SO Session: Once a System Owner card has been used to authenticate, the System Owner PIN is not asked for again for 10 minutes, enabling
  • issuance of multiple operator cards
  • A feature has been added to allow manual creation of System Owner cards
  • Manual deletion of operator accounts
  • The error returned on life cycle card issuance is now configurable
  • Ability to store only overview data for RSDM device info

Scalability

The vSEC:CMS S-Series scales with your project. With the new load balancing capabilty, there is no upper limit!

 

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

 

Integrability - APIs

The vSEC:CMS S-Series can be integrated and connected in many different ways, the drawing below is trying to visualize the most commonly used options.

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

vSEC:CMS

More information about the complete vSEC:CMS product suite can be requested here This email address is being protected from spambots. You need JavaScript enabled to view it.

Update from 3rd Party SCMS

vSEC:CMS S-Series includes updgrade wizards that enables quick and simple upgrade paths from third party smart card management systems.

Check out the details on how to upgrade from Gemalto DAS / IDAdmin 100 and how to upgrade from Microsoft MIM/FIM CM

by sending an email request to This email address is being protected from spambots. You need JavaScript enabled to view it. 

--------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 5.3 is now available

New in this version:

  • A new Operator Console COM API enables integration into other applications.
  • Our new Lifecycle SOAP API further improves server-side integration with vSEC:CMS.
  • Offers improved initialization/registration workflows for Gemalto SafeNet eTokens.
  • Includes support for Gemalto IDPrime PIV 2.1 smart cards.
  • Adds support for Yubico YubiKey 5 tokens.
  • Includes the Versasec Activator tool that enables license and Operator Key Store issuance, and operator card creation in the vSEC:CMS installation package.
  • Improves management of different types of security devices through stricter card configuration templates management.
  • Provides a major speed improvement in AD group membership validation.
  • A new configuration parameter (MaxWords) is part of the smart card layout renderer.
  • vSEC:CMS installation packages are both digitally signed and time-stamped.
  • Includes a new function that enables clearing of the data export cache.
  • See the updated list of supported hardware securitity devices.

--------------------------------------------------------------------

vSEC:CMS S-Series Version 5.2 is now available

New in this version:

Latest Release 5.2 of Flagship Identity and Access Management Solution Also Focuses on Certificate Authorities and Management of Client Components.
This major new version of one of the world's leading identity and access management (IAM) solutions offers improved interfaces to a variety of smart cards, improved user directories and more.

Beyond general improvements and corrections, vSEC:CMS S-Series 5.2 includes an impressive list of new features:

  • A new inventory for software version management (RSDM, USS and VSC) to improve management of vSEC:CMS software components installed on managed devices
  • Updates and improvements to FixDN, a feature that finds and corrects broken links between user ID stored in vSEC:CMS and user directory (AD)
  • Additional functionality to retrieve directory (AD) attributes, from the users' managers
  • New options for the virtual contact interface (VCI) bits in Discovery Object, which can now be configured to set VCI PIN behavior
  • An updated interface to ypsID S3 smart card to support version 3
  • Improved management for PIV FASC-N Credential Numbers
  • An updated interface to Thales nShield HSM
  • Support for Symantec MPKI 7.5, which enables the issuance of smart card certificates from the Kuwait government PKI 
  • vSEC:CMS version 5.2 also includes support for the following: Longmai mToken CryptoID; fingerprint enrollment for ypsID S3 smart cards; and SPE (Secure PIN Entry) on Oberthur 8.1 IV cards.

------------------------------------------------------------------

vSEC:CMS S-Series Version 5.1 is now available

New in this version:

  • This a major new version of the product with focus on the Remote Security Device Management (RSDM) functionality, Virtual Smart Cards and TPM management. The version has 14 new features and more than 20 fixes. The release notes can be found here.
    Here are some of the benefits of version 5.1:
  • RSDM TPM management and data collection
  • Machine UUID check in the RSDM onboarding process
  • Support for Microsoft Group Policies (GPO) to manage deployment and configuration changes of vSEC:CMS USS and vSEC:CMS RSDM
  • Functionality to centrally collect events from managed devices, which better supports helpdesk personal in troubleshooting client devices regarding vSEC:CMS client components
  • Improved client (user self-service, RSDM and Operator Console) handling of communication under heavy load
  • Monitoring and notification of HSM outages are now included in the vSEC:CMS System Status
  • The FIM migration wizard is now updated to include more user, card and certificate information in the migration process from Microsoft FIM CM to vSEC:CMS
  • More granular access control configurations for vSEC:CMS access to SQL database
  • Provides additional details about currently logged-on operators through the Operator Console
  • New Operator Dashboard view, providing an overview of the current status of clients managed within vSEC:CMS

--------------------------------------------------------------

vSEC:CMS S-Series Version 5.0 is now available.

New in this version:

Version 5.0 is a major new version of the product with significant changes in the product architecture. It is mainly focused on enabling deployment in large scale projects especially regarding Remote Security Device Management (RSDM) and User Self-Service (USS).The version has over 25 new features and more than 60 minor fixes, below is a summary of the major new features:

  • Load balancing capabilities to increase server-side bandwidth
  • Improved self-service enrollment workflow, triggered based on user directory group membership
  • Improved management capabilities for handling pending RSDM issuance requests
  • Support for Java cards as operator and system owner cards
  • API updates on the plugin interface
  • User interface updates
  • Smart card applet management (loading/removal) has been integrated into vSEC:CMS life cycle operations.
  • Support for Open FIPS 201 smart card applet has been added.
  • Support for Oberthur PIV 8.1 smart cards
  • Gemalto SafeNet Luna Network HSM v7 is now supported

 

versasec media

-------------------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 4.9 is now available.

New in this version:

  • RSDM device synchronization makes it easier to synchronize repository information in vSEC:CMS when there are changes detected on the device, including manually destroying a virtual smart card, or changing the computer name.
  • A FORCE UP broadcast mode on RSDM clients optimizes bandwidth usage.
  • Improved Help and showing the number of pending tasks in the main menu bar.
  • Support for challenge/response when performing offline PUC based unblock on PIV-enabled devices.
  • Support for SCP03 and Global Platform key change, strengthening the security of Java Card management and offering support for smart card printer HID-Fargo SDK version 2.1 to enable improved batch processes.
  • Support for the SafeTrust-PIV on Placard.
  • UniCERT RA credentials can now be HSM-based, for increased security.
  • The Data Export functionality is now also available at smart card issuance, enabling functions such as printing PIN mailers.
  • An optional external permission check, dependent upon Microsoft AD group membership, enables more granular access control.
  • New SQL schema for all vSEC:CMS related database tables, enables better scalability and larger data sets, and new server-side SOAP API to better integrate vSEC:CMS into helpdesk application workflows, including PIN Unblock.

---------------------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 4.8 is now available.

New in this version:

  • We've released vSEC:CMS S-Series version 4.8. Here are some of the other benefits of Version 4.8:
    By using the vSEC:CMS User Self-Service Credential Provider, it's now possible to issue credentials from the MS-Windows logon screen
  • The vSEC:CMS User Self Service application supports customized dialog and error messages
  • With the vSEC:CMS user notification system, users can receive enhanced system notifications for smart card expirations
  • added enforcement for server-managed PIN policies
  • Improvements have been to the retire procedure for managed security devices (RSDM) including remote destruction of possible Virtual Smart Cards on such devices
  • The vSEC:CMS server repository allows for synchronization of security device information (RSDM)

-----------------------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 4.7 is now available.

New in this version:

  • We've released vSEC:CMS S-Series version 4.7. This latest version includes some of the key features you've asked for, including a new server-based search algorithm that improves smart card repository search speed when using SQL databases, and new role-generation templates. Here are some of the other benefits of Version 4.7:
  • Extends smart card lifecycle management with pre-issuance data so it supports graphical personalization (printing) before the card is registered with vSEC:CMS. Can also assign smart cards to specific users and/or card templates before the issuance process takes place.
  • Provides push notifications for Remote Security Device Management (RSDM).
  • Offers configurable personal identity verification (PIV) object signing.
  • Includes connections to both IBM-LDAP and OpenLDAP.
  • Allows for changes to the vSEC:CMS service logging without restarting the service.
  • Provides smart card serial numbers collection for card stock management.
  • Enables granular, role-based access control through variable-based issuance verification.
  • Includes finer optional access control, making use of Microsoft Active Directory Extended Rights.

--------------------------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 4.6 is now available.

New in this version:

The main focus of this version is to enable simplified work flows. The new features include:

  • vSEC:CMS Windows Credential Provider - enables vSEC:CMS user self-service features directly from the Windows logon screen
  • DigiCert CA - built-in connector the DigiCert Certificate Authority
  • Alt-Security-Identities - update of altSecurityIdentities user attribute in Active Directory as part of smart card life cycle operations
  • Stock Management - smart card inventory management functionality
  • New HSM connector - Gemalto SafeNet ProtectServer HSM
  • Charismatics - vSEC:CMS now enables management of Charismatics Virtual Smart Cards

---------------------------------------------------------------------------------------------------------

vSEC:CMS S-Series Version 4.5 is now available.

New in this version:

Version 4.5 of the vSEC:CMS S-Series. This previous version allows for centralized management of virtual smart cards, supports new smart card types from 15 vendors, and supports additional client and server platforms.

Among its key features are its remote security device management (RDSM) capabilities, which enable centralized management for virtual smart cards.
This version also supports Yubikey tokens from Yubico for personal identity verification (PIV) use cases.

This new version of vSEC:CMS also has these attributes:

  • Remote Security Device Management (RSDM) enables central management of virtual smart cards.
  • Yubikey tokens from Yubico are now supported for PIV use cases.
  • Thales nShield HSM can now be used for CMS master keys
  • Additional SMS provider (Certificall, Clickatell, Tyntec, Dolphin) are now supported to be used for mobile notifications
  • Customizable interface for setting up connections to external components such as PKIs, Printers, Databases....
  • Features a new and improved system log repository
  • Offers reports listing operators in the system by AD account name
  • Includes the new Plugin API Version (2)
  • Offers connectivity with GlobalSign’s Managed PKI certificate issuance and lifecycle management platform
  • Supports Datacard SR300 card printers….

 

 

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

vSEC:CMS Connectors (see figure above)

1. Smart card printer for batch operations
2. User directory for looking up users
3. File and database servers
4. Secure transport of PIN codes
5. Event & log management
6. User photo capture
7. Certificate/PKI services
8. Physical access control systems
9. Hardware security module
10. Secondary/out-of-band communication
11. Key archival & key recovery
12. Credential provider -login screen interface
13. Remote security device management
14. User self-service application
15. Physical & virtual smart cards/tokens
16. Administrative operator console

Smart cards are secure devices that are used for many purposes, with perhaps the most important being as combined identification badges for enterprises.

With all professional smart card use, the cards must be managed across the entirety of the smart card lifecycle.

At the base level, personalization tasks include setting PIN codes, setting policies, loading certificates, provisioning and setting management keys.

At the management level, tasks include unblocking PIN codes, setting new PIN codes, and renewing and issuing new certificates.

Revocation typically ends the smart card lifecycle, but it is also the point when the card can be personalized again.

All of these tasks and many more are handled by the vSEC:CMS smart card management system. 

Lifecycle management

All smart card operations within vSEC:CMS focus on the smart card lifecycle.

We use a state diagram to graphically visualize the lifecycle;

the diagram clearly shows the operator each card, its location in the lifecycle and available actions/processes from this state.

The same diagram is also used by the administrator when configuring the processes.

Credentials are generally user authentication devices such as physical smart cards, vertical smart cards or tokens. The number of supported credential types is continuously increasing with every new product version.

The table below is showing the supported credentials.

Supported Credentials

vSEC:CMS

K

S

C

ACS ACOS5-64

yes

yes

yes

ACS CryptoMate64

yes

yes

yes

Athena CNS

yes

yes

yes

Athena IDProtect Key Nano USB

yes

yes

yes

Athena IDProtect Key USB Token

yes

yes

yes

Athena IDProtect Smart Card

yes

yes

yes

Avtor CryptoCard337

yes

yes

yes

CardOS 4.4/5.3

 

yes

yes

Cryptovision ePKI Applet

 

yes

yes

Feitian ePass2003/eJave

yes

yes

yes

Gemalto IDPrime .NET 510/5500

yes

yes

yes

Gemalto IDPrime MD 830/840/940/3810/3840/3940

yes

yes

yes

Gemalto IDPrime PIV Card v2.1/v3.0

 

yes

yes

Gemalto Safenet eToken 5110/5300

 

yes

yes

HID C200

yes

yes

yes

HID C1150

yes

yes

yes

Identiv uTrust MD

 

yes

yes

Longmai mToken CryptoID

 

yes

yes

Microsoft minidriver enabled smart cards

yes

yes

yes

Mifare DESFIRE EV1

 

yes

yes

Morpho ypsID S2

yes

yes

yes

Morpho ypsID S3

 

yes

yes

Oberthur Authentic

yes

yes

yes

Oberthur IAS ECC

yes

yes

yes

Oberthur PIV 8.1

 

yes

yes

Open FIPS 201 Applet

 

yes

yes

Raak Technologies C2

yes

yes

yes

SafeTrust-PIV on Placard

 

yes

yes

Taglio C2

 

yes

yes

Taglio PIVKey

 

yes

yes

TCOS TeleSec IDKey

 

yes

yes

Virtual Smart Cards

 

yes

yes

Yubico YubiKey 5 NFC/5C/5 Nano/5C Nano

 

yes

yes

Yubico YubiKey 4/4 Nano/4C/4C Nano

 

yes

yes

Yubico YubiKey NEO/NEO-n

 

yes

yes

 

NOTE

✔ The credential is supported by the product.

Versasec is an IAM provider that helps businesses manage their access-enabling devices.

vSEC:CMS Connectors (see figure above)

1. Smart card printer for batch operations
2. User directory for looking up users
3. File and database servers
4. Secure transport of PIN codes
5. Event & log management
6. User photo capture
7. Certificate/PKI services
8. Physical access control systems
9. Hardware security module
10. Secondary/out-of-band communication
11. Key archival & key recovery
12. Credential provider -login screen interface
13. Remote security device management
14. User self-service application
15. Physical & virtual smart cards/tokens
16. Administrative operator console

The vSEC:CMS S-Series is an innovative, easily integrated and cost-effective smart card management system that helps organizations deploy and manage smart cards quickly and efficiently. The vSEC:CMS S-Series is clientserver based.

It streamlines all aspects of smartcard management by easily connecting to enterprise directories, certificate authorities, smart card printers,external databases, physical access control systems,and more.

The S-Series is designed for several operators and users working in parallel without a need for synchronization;

each operator requires access to the operator application and the operator’s operator smart card only.

 Operating Systems:

  • Client/Operator/User Self-service:
  • MS Windows 7, 8, 10, 2008, 2012, 2016

 Server: 

  • MS Windows 2008, 2012, 2016

 Smart Cards:

  • Gemalto .NET, .NET BIO, IDPrime PIV & MD
  • Raak Technologies C2
  • Morpho ypsID S2/S3
  • Athena CNS & IDProtect
  • Safenet eToken PRO
  • ACS ACOS5-64 & Cryptomate64
  • Oberthur Authentic, IAS ECC & PIV, PIV 8.1
  • Feitian ePass2003 Token
  • Avtor CryptoCard337
  • HID C200, C1150
  • Taglio C2, PIVKey 
  • T-Systems TCOS
  • Yubico YubiKey PIV
  • SafeTrust-PIV on Placard
  • Virtual smart cards (MS, vSEC & Charismatics)
  • Mifare DESFIRE EV1
  • Java Card with Cryptovision eID Applet v2.8
  • Java Card with Open FIPS 201 Applet v2.8
  • MS Minidriver enabled cards 

 Card Features:

  • Printer support for graphical personalization
  • PIN mailers (both email and regular mail)
  • Contactless RFID interface
  • Batch processing
  • Card stock management

 Compatibility:

  • User directory: MS Active Directory, IBM-LDAP,
    OpenLDAP and LDAP v2/v3
  • Card DB: SQL comp or local file
  • Certificate Authority: MS CA, Entrust, Symantec
    MPKI, EJBCA, neXus PKI, Opentrust PKI and
    Verizon UniCERT CA, DigiCert CA
  • HSM: Gemalto SafeNet Luna, Utimaco HSM and Engage BlackVault
  • Card Printers: Fargo HDP5000, Datacard SR300,
    Magicard Prima 4 and Evolis Primacy
  • Migration path to and from MS FIM/CLM
  • Upgrade path from vSEC:CMS K and T-Series
  • Upgrade path from Gemalto IDAdmin 100/DAS vSEC:CMS Plugin API, Scripting, WebStart

 Security Features:

  • Secure key storage
  • Secure backup and synchronization of databases
  • Disaster recovery for stolen/lost tokens
  • Encrypted audit log
  • Granular access control
  • Approval work flows
  • Connects logical and physical access control
  • Key archival and key restore processes
  • Fingerprint template management
  • Failover clustering for high availability

Performance:

  • The system is tested and is functional with
    300 000 registered user smart cards and 100
    parallel operators interacting with the system
  • Load balancing for high scalability
There are no reviews for this product.
Write a review
BadExcellent
Verification code *
Captcha Image
Reload image challenge
Facebook comment

Keyword Search

Newsletter signup

Subscribe to our mailing list
* indicates required
By subscribing you accept our