Venafi, a provider of systems management for encryption software, today released an enhanced version of its encryption management solution to enable customers to more easily secure IBM WebSphere MQ (WMQ), IBM's message-oriented middleware solution. Organizations can now use Venafi to rapidly and automatically deploy, manage and control encryption throughout their WMQ infrastructure, securing channels and enforcing client authentication.
WMQ is widely used as the network-messaging backbone for mission-critical applications such as ATM and credit card transactions. Implementing encryption in WMQ is critical for complying with regulatory requirements and data security standards because it ensures the confidentiality of information transferred by WMQ and enforces authentication into queues to prevent unauthorized access to information. IBM offers customers two options for implementing encryption in their WMQ environments, SSL and WMQ Extended Security Edition (ESE), both of which require digital certificates to be deployed and maintained on WMQ queue managers and clients. In many large organizations, this often means thousands of configuration points and distributed certificates and keys, so manually deploying and maintaining certificates is complex and costly.
"The complexity of deploying and managing encryption has traditionally created a nagging dilemma for organizations with large WMQ deployments. If they don't implement encryption, no administrative complexity is introduced but significant security risk remains," said Paul Turner, vice president of product and customer solutions, Venafi. "If they do implement encryption, there are new administrative burdens, which, if improperly managed, lead to costly downtime. With Venafi now available to automate the process for both WMQ SSL and WMQ ESE, organizations that have held off on implementing security across their WMQ infrastructure can confidently increase security without administrative complexity or the fear of system failure."
Venafi makes deploying SSL or WMQ ESE less complex and lowers the cost by automating the certificate distribution, system configuration and ongoing management of digital certificates to WMQ clients and queue managers. With Venafi, organizations can now:
- Increase security and service levels by rapidly deploying strong security for WMQ
- Prevent system downtime and service outages from un- or under-managed certificates
- Increase operational efficiency by reducing workloads of administrative staff
- Improve compliance with organizational policies and external regulations
More on Venafi Systems Management for Encryption
Venafi automatically discovers certificates that have already been deployed to ensure organizations have a complete view of all certificates, including self-signed and other types of certificates which an organization may not be tracking or even be aware of. Discovered certificates and systems can then be automatically placed under management by Venafi, which monitors expiration dates for all deployed certificates and automatically performs all renewal steps, without requiring involvement from administrators. Venafi provides automated lifecycle management for certificates and keys in IBM Global Secure Kit (GSK) and Sun Java Key Store (JKS), as well as many other key stores and systems.
Venafi also automates the encryption configuration for WMQ, including setting key sizes, selecting the key store type (CMS, JKS, etc.), creating the key stash, setting certificate labels, and setting key store passwords. It then provides detailed status tracking and reporting, including step-by-step status of lifecycle management stages, expiration schedules, administrative entitlements, change logs and other functions.