PIV Smart Card Enrollment and Configuration

A full-suite, certificate enrollment and configuration solution for PIV-Backed Smart Cards. Everything you need to use Smart Cards (such as YubiKeys) for Desktop Logon, SSH, VPN, Application Authentication, and much more.

Smart Card Configuration Clients

Easily enable end users to provision PIV-Backed smart cards for x.509 certificates in just a few clicks
Enforce PIN/PUK complexity policies and enable end users to easily reset their PIN/PUK with security best practices
Integrates with any modern Cloud Identity Provider (Google, Azure, Okta) for Smart Card enrollment via Single-Sign On
Powerful Private Key Attestation on a per-slot basis. Provide maximum assurance and allow Smart Cards to be used for high security clearance applications

As an organization we had an initiative to move everything to the cloud. SecureW2 allowed us to remove our reliance on AD, and use our Azure AD directly for our Wi-Fi and VPN authentication.

IT MANAGER

Read Deployment Stories

EVERYTHING NEEDED FOR

Desktop Logon, SSH, VPN, and More

Easy to use clients both enroll PIV Smart Cards for certificates, while configuring them for passwordless authentication applications such as Desktop Logon, SSH, VPN and more
Generate self-signed certificates in Slot 9D on YubiKeys, while enrolling unique client certificates to end users from your Private CA in Slot 9A for ultra secure Desktop Logon
Provides Private Key Attestation to provide maximum assurance and allow Smart Cards to be used for high security clearance applications

ZERO TRUST IDENTITY VERIFICATION

Ties Directly with any Identity Provider

Integrate any SAML (Google, Okta, Azure) Identity Provider and empower end users to securely self-enroll their YubiKeys for certificates
Leverage CloudRADIUS, the Industry’s first certificate-based RADIUS server built with Dynamic Lookup capabilities that validate identities in real-time during authentication
Provides Private Key Attestation to provide maximum assurance and allow Smart Cards to be used for high security clearance applications

FEATURE-RICH &

Turnkey Managed PKI Services

Industry exclusive self-service BYOD certificate enrollment and Gateway APIs for MDMs that integrate with every major BYOD and MDM vendor
Powerful certificate lifecycle management tools to create custom certificate templates, provide identity-driven issuance policies, and one-click Root and Intermediate CA generation (with Base and Delta CRL auto-generated)
Manage multiple Enterprise PKI organizations from one account, and even import your existing Microsoft CA and upgrade AD CS with our stronger certificate distribution and management features
Unique certificate issuance capabilities for IoT devices and secure Email with S/MIME certificates

AAA, ONBOARDING, AND PKI

Single-Pane Management

Complete visibility over your entire network authentication infrastructure. View AAA, 802.1X Onboarding, and Certificate issuance events all in one-single pane
Allow helpdesk users access to enrollment and onboarding logs for easy and remote troubleshooting
Customize certificate expiration notifications so end users and administrators ensure certificates remain easily up to date and secure

TURNKEY RADIUS SERVERS

Designed for Certificate Authentication

RADIUS Servers come pre-built to work with Smart Card certificate authentication
Industry-exclusive real-time user, group and device policy enforcement that works natively with modern Cloud IDPs like Azure, Okta and Google
Access RADIUS logs from the cloud with powerful Identity-based search mechanisms

INDUSTRY LEADING

World-Class Security in the Cloud

Highly secure, ISO 27001 Certified, and designed from the ground up for the Cloud.
Certificates Stored in Hardware Security Modules (HSM), Never in Software
Advanced API Gateways and next-generation AI-driven anomaly detection
Industry-exclusive CertLock™ Technology ensures certificates never leave their device.