HID-ActivID-Validation-Responder-Data-Sheet
Open the original PDF document
View PDF
TURNKEY OCSP RESPONDER FOR SCALABLE, HIGH-PER-FORMANCE CERTIFICATE VALIDATION
- Ease of Management Simple setup and configuration allows for deployment in minutes.
- Secure All OCSP responses are pre-signed, eliminating the need for separate cryptographic modules and additional firewalls or network architecture.
- Versatile Available as software, hardware appliance, or virtual appliance to best fit your deployment strategy.
- Reduced Maintenance Costs Remote maintenance reduces IT time and training needs.
OPTIONAL FEATURES:
- Log Signing digitally sign log files for traceability
- Relaying relay OCSP requests to alternate responders
- Certificate Path Validation supports Server-based Certificate Validation Protocol (SCVP) delegated path discovery model
HID Global's ActivID Validation Responder is a turnkey Online Certificate Status Protocol (OCSP) solution optimized for delivering certificate validation in a variety of environments. The solution is ideal for network limited tactical environments as well as distributed facilities.
Deploying and managing a traditional Public Key Infrastructure (PKI) for large user populations can be challenging due to the large size of Certificate Revocation Lists (CRLs) that must be deployed, as well as the high cost of securing the OCSP responders. The ActivID Validation Responder removes these barriers and delivers a scalable OCSP infrastructure that is easy to set up and manage.
The Validation Responder is available as a hardware appliance, a virtual appliance, or as a software version to match your IT
deployment policy. With its easy setup and deployment, ActivID Validation Responder Appliances are modular, and can be scaled to the demands of each network to eliminate the costs of unneeded infrastructure. The streamlined footprint of the appliance optimizes hardware and bandwidth usage.
In addition, the ActivID Validation Responder Appliance is streamlined and hardened against network intrusion and Denial of Service (DoS) attacks, making it secure, reliable, and easy to maintain.
The ActivID Validation Responder works together with the ActivID Validation Authority, which pre-signs and compresses data, optimizing network bandwidth and removing the costs of securing traditional OCSP responders from cryptographic compromise.
ADDITIONAL PRODUCT FEATURES:
- Web-based configuration and management portal
- Optional digital signing of log files for traceability
- OCSP request relaying to tiered or alternate responders
- Optional SSH access to Linux shell
- Configuration file bundling via management portal
- Custom OCSP data polling
- Support for signed OCSP requests
- Filter access to OCSP interface by Certificate Authority
SPECIFICATIONS
| Hardware Appliance | |
|---|---|
| Appliance Model | Dell PowerEdge™ R230 rackmount server |
| CPU |
Intel®
Xeon® E3-1225, 3.3 GHz |
| RAM | 4 GB |
| Operating System | Debian Linux 9.0 |
| Height | 1U rack height |
| Throughput | Up to 2400 OCSP responses per second |
| Warranty | 3-year on-site* hardware warranty |
| Virtual Appliance | |
| Virtualization Environment | VMware® |
| Operating System | Debian Linux 9.0 |
| Software | |
| Operating System |
Microsoft Windows Server® 2012, 2012 R2 and 2016 (64-bit)
Red Hat® Enterprise Linux v6.x and 7.x (64-bit) |
| Common Specifications | |
| Standards Compliance |
RFC 6960 (OCSP)
RFC 5055 (SCVP), support for Delegated Path Discovery (DPD) FIPS 201 Certified |
*in countries serviced by Dell
North America: +1 512 776 9000 Toll Free: 1 800 237 7769 Europe, Middle East, Africa: +44 1440 714 850 Asia Pacific: +852 3160 9800 Latin America: +52 55 5081 1650