PKI Blog

1024-bit RSAs Days are Numbered

Posted by Ted Shorter on Jul 9, 2013 6:49:48 AM

In December of 2011, the CA/Browser Forum, comprised of representatives from the major Certification Authorities such as Symantec, Comodo, GoDaddy, and DigiCert, as well as browser vendors such as Microsoft, Apple, Mozilla, and Opera, published a document called "Baseline Requirements for the Issuance and Management of Publicly Trusted Certificates.” This document outlines an agreed-upon set of minimum standards for SSL/TLS cert vendors.

One of these standards essentially calls of the elimination of certificates with 1024-bit RSA public keys by the end of 2013: any RSA-keyed certificate, even end-entity (“subscriber”) certificates, that expire after Dec. 31, 2013, must have a key of at least 2048-bits. This is big news in some circles; a number of public cert vendors have had to change their procedures, and, more significantly, start migrating their customer bases to 2048-bit certs. Many started this process quite a while ago.

Read More

Topics: digital certificate, RSA cert length, apple, Symantec, Public Key Infrastructure, Comodo, certificate 2013, RSA certificate length, Industry Trends, DigiCert, SSL certificate, 1024-bit RSA, PKI, TLS cert, Microsoft PKI, digital certificate length, Blog, 1024 certificate length, cert length 2013, GoDaddy, Mozilla

How to View the FEP Collection Membership Queries

Posted by CSS Technical Team on May 11, 2011 12:51:54 PM

The FEP dashboard located on the SCCM console has a wealth of information. It provides FEP admins with a snapshot of the overall health of your FEP deployment and various statistics including recent malware activity, definition status, and even when FEP has been disabled on an endpoint.

Read More

Topics: Microsoft Malware Protection Center, IT Security, Symantec, Microsoft Security Partner, Microsoft System Center, Microsoft SCCM, McAfee, Microsoft Forefront Endpoint Protection, Anti-Malware, Microsoft FEP, Blog, Antimalware Protection, Microsoft Antimalware

FEP 14th Day MMPC Definition Update

Posted by CSS Technical Team on May 4, 2011 9:00:00 AM

In addition to 3 definition update mechanisms defined in the FEP policy (WSUS,UNC and Windows Update), there is actually a little known 4th update mechanism built into the client. This 4th definition update channel is designed to provide a 'fall back' if all of the other methods fail and the client falls more than 14 days out of date.

Read More

Topics: Microsoft Forefront Endpoint Protection Best Pract, Microsoft Malware Protection Center, IT Security, Symantec, Microsoft Security Partner, Microsoft System Center, SCCM, Microsoft Forefront Endpoint Protection, Anti-Malware, Microsoft FEP, Blog, Antimalware Protection, MMPC

Preparing Existing Antivirus Software for an Forefront Endpoint Protection Deployment

Posted by CSS Technical Team on May 2, 2011 5:00:55 AM

When deploying Forefront Endpoint Protection, making a few simple changes to your existing Antivirus Software before installing FEP can increase the success of your deployment. Below is a list of tasks:

Read More

Topics: IT Security, Symantec, Microsoft Security Partner, Microsoft System Center, Microsoft SCCM, McAfee, Microsoft Forefront Endpoint Protection, Anti-Malware, Microsoft FEP, Blog, Antimalware Protection

Forefront Endpoint Protection Command Line Interface Tasks

Posted by CSS Technical Team on Apr 12, 2011 10:17:00 AM

If you should ever need to administer a local FEP client through CLI you’re going to need to make use of MpCmdRun.exe. This program can be found in the “C:\Program Files\Microsoft Security Client\Antimalware” directory. MpCmdRun has several important functions; in this post we’ll be discussing some of the more useful options.

Read More

Topics: IT Security, Symantec, Microsoft Security Partner, McAfee, Microsoft Forefront Endpoint Protection, Anti-Malware, Blog, Antimalware Protection, Microsoft Antimalware

Posts by Topic

see all

Want to Learn more about CSS?