Server

Digi-CA™ Server In Detail

[1] The principal difference between Xs, Xp and Xg in each case relates to the degree of integration and customization required. For example, Digi-CA Server™ Xs can be pre-configured and delivered to the customer for installation without any assistance from Digi-Sign whilst Digi-CA Server™ Xg projects can run for weeks and even months or years.


Important Note: If you have technical personnel that can correctly configure a network environment, install the necessary operating systems and provide secure access to the server(s), the Digi-CAST2™ installations Team may be able to conduct a large part of the installation process prior to visiting your site. In some cases, the complete installation can occur without the need for Digi-CAST2™ to visit your site at all.

• Digi-CA Server™ Xs

Digi-CA Server™ Xs is CA Software for installation on a single server and comes complete with all the different sub-systems designed to run and operate efficiently on that single machine (see Appendix II).

As a software product, Digi-CA Server™ Xs only generates client certificates [2] [Digi-IDs™] that can be used for email, two factor authentication [3], secure web access, as electronic signatures, for use within a Virtual Private Networks [VPN] or for device-to-device authentication. Like all professional CA systems it allows the Administrator to set up policies and to manage all of the Digi-ID™ [4] life cycle services.

Even with all of the powerful functionality and capabilities that Digi-CA Server™ Xs offers, it is easy to install, configure and operate. A competent Network Engineer or qualified IT Technician could install a fully functional version of Digi-CA Server™ Xs and be fully competent in its operation within three days or less.

Digi-CA Server™ Xs can only be installed on a single Pentium® server and is typically used where high availability is not a key component of the environment. As a single server installation, there is no mirroring or synchronizing of data. All records and data are protected by periodic backups only. Typical installations would be small to medium environments where high system availability is not an issue.




• Digi-CA Server™ Xp

Digi-CA Server™ Xp is CA Software for installation on two servers and offers the same services as Digi-CA Server™ Xs but on a larger scale and with many additional services including Certificate deployment and renewal automation (see Appendix II). The primary reason for selecting Xp instead of Xs is because Digi-CA Server™ Xp offers fail-over functionality.

Digi-CA Server™ Xp can also be configured to generate Secure Socket Layer [5] [Digi-SSL™] web server Certificates, Software & Code Signing Certificates [Digi-Code™ [6]] in addition to the Digi-ID™ Xp and Digi-ID™ Xg Certificates.

The Digi-CA Server™ Xp installation must be carried out by Digi-CAST2™ professional services. This installation may require the Digi-CAST™ [7] Team to physically conduct the installation on site, however, if a competent Network Engineer can provide a reliable connection to the correctly configured servers, then it may be possible to conduct the installation over the internet, without incurring travel and accommodation costs. The fully functional version of Digi-CA Server™ Xp can be completed in seven days or less.

Digi-CA Server™ Xp is installed on two Pentium® servers and is typically used where high availability is a component of the environment. As a dual server installation, there is mirroring and synchronizing of data. All records and data are protected by this fail-over service. The Digi-CA Server™ Xp is split over two servers and gives the option to include a firewall in between. Typical installations would be large enterprise or government environments.




• Digi-CA Server™ Xg

Digi-CA Server™ Xg is the CA for commercial Trust Centres [8]. The services can be split over as many as 16 servers but a typical installation would use four servers and a single Hardware Security Module [HSM]. This CA has four levels of security including two or three levels of firewalls with fail over facilities and can incorporate hot standby, disaster recovery and a single system can operate from multiple locations.

The Digi-CA Server™ Xg installation must be carried out by Digi-CAST2™ professional services and requires the Team to physically conduct the installation on site with the associated travel and accommodation costs. Once configured, the fully functional version of Digi-CA Server™ Xg can be completed in ten days or less.

Digi-CA Server™ Xg is used where high availability and reliability are a key component of the environment. As a multi-server installation, there is mirroring and synchronizing of data. All records and data are protected by this fail-over service. The Digi-CA Server™ Xg separates the CA services so that seven layers of security can be applied to the Trust Centre environment. The CA services are located in the Certificate Engine core with the RA, Certificate Revocation List [CRL], Light Directory Access Protocol [LDAP] and Time Stamping services [9] located in the Outer Core (see Appendix II). Typical installations are government and commercial CA Trust Centres.