Our Network Environment currently uses a self-signed root certificate that we created within our Microsoft Enterprise Root CA environment. Our Network Ops team is having some problem with public facing HTTPS requests thru a IronPort device. The self-signed certificate we currently have in place worked in a good portion of our network, but we want to implement a solution when working with public facing devices.
I was tasked with finding a cheap, easy to implement solution to this problem.
I am pretty sure we can do this rather easily, by purchasing a Wildcard Signed Cert from a CA (Verisign, Thawte, etc) and import it into our CA server and then using Active Directory/Group Policy push this out to workstations, servers and network devices.
I have a couple questions thou...
1. Can I roll this out just to the network devices that have a public facing interface or does it get rolled out to the entire network?
2. will this design work?
appriciate any advice or clarification.
Mark C.
I was tasked with finding a cheap, easy to implement solution to this problem.
I am pretty sure we can do this rather easily, by purchasing a Wildcard Signed Cert from a CA (Verisign, Thawte, etc) and import it into our CA server and then using Active Directory/Group Policy push this out to workstations, servers and network devices.
I have a couple questions thou...
1. Can I roll this out just to the network devices that have a public facing interface or does it get rolled out to the entire network?
2. will this design work?
appriciate any advice or clarification.
Mark C.