Subscribe:

Sunday 25 September 2011

Lync Deskphones and Wildcard Certificates


A critical component of any Lync deployment is the deskphone.  While some users may be comfortable with using a headset/PC combo as their primary telephony interface, I've found that most users still prefer a deskphone.

However, getting a Lync deskphone to work with Lync can be a bit tricky if you aren't diligent about following Microsoft best-practices to the letter.  You may have a Lync environment that works perfectly well for computer-based Lync clients, but you may come across various connectivity issues when you plug in a Lync deskphone that does presence and Exchange calendaring. 

I recently came across a client who were having Exchange connectivity issues with their Polycom CX600 phones.  The Polycom CX600 is likely the most popular Lync deskphone. It provides a very slick interface into Lync and Exchange so you can see your presence, contacts and upcoming meeting information. It is also very cost-effective compared to other similar products.

When users signed into Lync on their CX600 (either via keypad or USB-PC integration), they were soon presented with the following error:
 
Microsoft Exchange integration unavailable.  Connection to Exchange is unavailable due to invalid network credentials.
The CX600 uses Exchange Web Services (EWS) and autodiscover to find the connection to Exchange.  If there are issues with either service, it will pretty much guarantee that the CX600 won't connect.  I verified that both EWS and autodiscover were working properly.

When I reviewed the certificate loaded on the Exchange Client Access Server, I saw that the common name (CN) was set to their public domain (ie. contoso.com).  The Subject Alternate Names (SAN) included all the required names.  Microsoft Lync documentation recommends that you do not use certificates with the CN set to a wildcard domain name.  You CAN use wildcards in the SAN, but the CN really should be a valid name.  In this case contoso.com is the same as *.contoso.com. 

The client replaced the certificate with one whose CN matched the externally accessible name of the CAS server (owa.contoso.com) as reported by Exchange.  They issued an IISReset, restarted the CX600 and the error went away.  They now have full connectivity to Exchange via the CX600.

I've seen variations on this many times on both Exchange and Lync.  If you're only using Lync PC clients, you may never notice any issues, but as soon as you bring deskphones and even mobile phones into the mix, these sort of things often come up. 

So as a general rule, if you're creating certificates for Lync or Exchange, 
DON'T use a Wildcard SSL as the first name.

The Symantec® NetSure® Protection Plan, the Best in the Biz


Yet another hands down reason to choose a Symantec® SSL product over the other guys. Symantec® now offers an incomparable NetSure® Protection Plan with each and every Secured Sockets Layer (SSL) certificate. The NetSure® Protection Plan is an extended warranty program that keeps its customers and their companies first. It protects SSL Certificate customers against certain losses that possibly resulted from a breach on Symantec®.

This one-of-a-kind warranty extension applies to the VeriSign®, Thawte® & GeoTrust® brands and is just another distinct advantage over the competition.

VeriSign SSL Certificates now include up to a whopping $1,500,000 of NetSure® protection…just to give you a peace of mind and to show you that they truly believe that they are the best security company out there. They truly put their money where their mouth is.

The True Symantec® Advantage

This dramatic increase in warranty coverage across all of the different Symantec® SSL products is a true testament to their confidence in their products and provides VeriSign®, Thawte®, and GeoTrust® customers with the level of trust and security they have come to expect only from Symantec® and The SSL Store.


The New Warranty Limits
The new warranty limits for NetSure® protected SSL certificates are as follows and coverage applies to the following certificates issued on or after 
July 30th, 2011:




VeriSign Trust Network Certificates


SECURE SITE WITH EXTENDED VALIDATION
SECURE SITE PRO WITH EXTENDED VALIDATION

USD $1,500,000

SECURE SITE PRO CERTIFICATE

USD $1,250,000

SECURE SITE CERTIFICATE

USD $1,000,000

WILDCARD SSL CERTIFICATE

USD $500,000

ANY VERISIGN TRUST NETWORK CERTIFICATE SUBJECT TO THE LICENSED CERTIFICATE OPTION

USD $10,000

**CODE SIGNING CERTIFICATES ISSUED PURSUANT TO CODE SIGNING 
PORTAL ACCOUNTS ARE NOT CONSIDERED NETSURE CERTIFICATES

USD $0



Thawte Certificates


THAWTE SSL WEB SERVER CERTIFICATE WITH EXTENDED VALIDATION

USD $750,000

THAWTE SGC SUPERCERT

USD $500,000

THAWTE SSL WEB SERVER CERTIFICATE

USD $250,000

THAWTE WILDCARD SSL CERTIFICATE

USD $125,000

THAWTE SSL123 CERTIFICATE

USD $100,000

THAWTE CODE SIGNING CERTIFICATE

USD $50,000



Geotrust Certificates


GEOTRUST TRUE BUSINESSID WITH EXTENDED VALIDATION

USD $500,000

GEOTRUST TRUE BUSINESSID
GEOTRUST ENTERPRISE SSL STANDARD CERTIFICATE
GEOTRUST ENTERPRISE SSL PREMIUM CERTIFICATE

USD $250,000

GEOTRUST TRUE BUSINESSID WILDCARD
GEOTRUST ENTERPRISE SSL WILDCARD CERTIFICATE

USD $250,000

GEOTRUST TRUE BUSINESSID WILDCARD
GEOTRUST ENTERPRISE SSL WILDCARD CERTIFICATE

USD $125,000

GEOTRUST QUICK SSL PREMIUM CERTIFICATE

USD $100,000

CERTIFICATES ISSUED PURSUANT TO GEOROOT ACCOUNTS ARE NOT 
CONSIDERED NETSURE CERTIFICATES

USD $0



RapidSSL Certificates


RAPIDSSL CERTIFICATE

USD $10,000

RAPIDSSL ENTEPRISE CERTIFICATE

USD $10,000

RAPIDSSL WILDCARD SSL CERTIFICATE

USD $5,000

Please contact us for more information on the NetSure® Extended Warranty Protection Plan.

Source URL:-https://www.thesslstore.com/support/symantec-netsure-protection-plan.aspx

Thursday 22 September 2011

Best SSL Affiliate Program Launced

SSL Affiliate Program - TheSSLstore.com is one of the largest SSL certificate providers globally and now it’s offering Highest Paying Affiliate Programs "SSL Affiliate" to affiliate community where one can sale SSL certificates using their robust affiliate tracking system and earn commission.

SSL Affiliate Program

Earn commissions for a full year and maximize your income.
You’ve got plenty of traffic coming to your site. Why not give all your visitors a way to gain the confidence of their potential buyers and get paid for it? Virtually every business that collects information or payments online knows the importance of Security Certificates (SSL) to build customer trust and protect personal and financial data. Now you can help business owners give their customers peace of mind while creating a new source of income for your business - automatically.
How does The SSL Store Affiliate program work?
 
1.    The site visitor clicks your affiliate link
2.    The IP address is logged and a cookie is placed for tracking purposes
3.    The site visitor links to our site and may or may not purchase a package at that time
4.    If the visitor orders a package on that visit you receive your commission
5.    If the site visitor does not purchase during his first visit but comes back to the site within 90 days and makes a purchase you still receive commission.


How much does The SSL Store Affiliate Program pay?


1.    10% for Retail Customers - The simplest, most affordable way for business owners to earn their customer’s trust, increase sales, and protect personal and financial information using SSL certificates.
2.    5% for Enterprise Customers - Streamlined solutions for Corporations, Educational Organizations, Government Agencies, State, County and City Entities, and Civic Organizations to manage all their SSL certificates under one control panel.
3.    5% for Resellers - The industry’s most flexible and lucrative program for IT and web solution providers looking to resell SSL certificates.

https://affiliate.thesslstore.com/

Wednesday 21 September 2011

Get Geotrust quickssl Premium Seal At Discount Price by GeoTrust QuickSSL Platinum Authority


Questions? Call 727-388-4240

Thesslstore.com is an authorized and the leading GeoTrust QuickSSL Premium platinum authority on Global Scale. We offer GeoTrust QuickSSL Premium Seal @ $62.80/yr.

GeoTrust QuickSSL Premium Seal






GeoTrust QuickSSL Premium certificates are the most convenient and cost effective solution for any business that needs to conduct secure online transactions. These certificates enable up to 256-bit encryption and instill confidence and trust in your customers and business partners when providing sensitive information over the Web or mobile devices. 

Features & Benefits:-
  1. Secures both NON-WWW and WWW domain (FQDN)
  2. Single Root Certificate, Enables up to 256-bit SSL encryption
  3. Fully automated provision process
  4. FREE self-service reissues during validity period
  5. Enables up to 256-bit SSL encryption
  6. Compatible with 99% of current browser
  7. Present in 99%+ of mobile devices and smart phones
  8. Real-time, two-factor telephone authentication

Dynamically-generated site seal with a time/date stamp that identifies your site as authentic and validated by a trusted 3rd party to avail the advantage of real time extra discount offer visit
https://www.thesslstore.com/geotrust/quickssl-premium.aspx

GeoTrust QuickSSL Premium

Monday 19 September 2011

EV SSL Certificate with Optimal Security Protection


The EV SSL Certificate interacts with the address bar of your browser. The user can visually identify the reliability of the site as recognized by their web browser. It changes to green – “GO” – to indicate the safety of the site, in opposition to the red color – “STOP” – seen if a certificate is expired or contains mismatching data.

How an EV SSL Certificate Works?

Highly secure browsers perceive whether an SSL Certificate has been authenticated on the basis of Extended Validation. If so, they show in the web address “https” and a closed lock as signs of an encrypted session. In addition, the address bar turns green. The name of the organization and the certification authority that authenticates the data will be displayed next to the address. In this way the user can see at a glance if a site meets the industry’s most stringent authentication standards.

Is a higher level of authentication necessary?

Online fraud is increasing more and more, and it’s becoming more difficult to perceive fraudulent web sites as criminal methods become increasingly sophisticated. Given the fears about identity theft and online scams, users want to know if a site is trustworthy or not. The green address bar boldly announces security and trust. It is a valuable tool to increase sales that many e-commerce sites overlook. Though sites like PayPal and large corporate banks use it both to enhance trust and to foil phishers (because EV is far more difficult to mimic), EV SSL is even more important for smaller companies. Presenting the green bar means not just a logo on the site but the browser itself says, “You can trust this organization.”

Who can buy an EV SSL Certificate?

EV SSL Certificates involve the most rigorous application process of any SSL certificate. The Certification Authority/Browser (CA/B) Forum sets the standards. To qualify, an organization must be registered with an official registration authority within their jurisdiction. Corporations, partnerships, unincorporated companies, government agencies and sole proprietors can apply. The Certification Authority (such as VeriSign, Thawte, GeoTrust, or RapidSSL) replies with full qualifying questions and instructions.

Application may not be from “blacklisted” countries. These applications will simply bounce back and be refunded. Individuals and unregistered companies cannot currently qualify for Extended Validation EV SSL Certificates.

About the Author:-

RapidSSLonline is the world leader in major brand SSL certificates: it is at the top of the list when hovering over “Partners” at VeriSign.com’s homepage. RapidSSLonline.com provides a Price Match program to meet or beat any competitor pricing, along with 24/7 support for anytime problem-solving. NASA, IBM, Microsoft, Harvard University, the UN, and thousands of small organizations and businesses have trusted The SSL Store since its founding in 2007. RapidSSLonline.com offers Extended Validation SSL (EV SSL) including the following: VeriSign Secure Site Pro (SGC) EV, VeriSign Secure Site EVGeoTrust True BusinessID EV, GeoTrust True BusinessID Multi-Domain EV (SAN/UCC), and Thawte SSL Web Server EV. Retail Director Kent Roberts can be reached anytime at (727) 820-1161.

Thursday 15 September 2011

Plug & Play with The SSL Store - Fully Integrated Application Plug-In

St. Petersburg, Florida - September 8th, 2011 – One of the world leaders within the SSL industry is making their services even easier. The SSL Store has developed fully integrated application plug-in solutions so that their partners can operate as smooth & seamless as possible. Now, any partner can just plug and begin to “play" or seamlessly offer SSL to all of their customers within their control panels.

“We at The SSL Store believe our partners don’t have to adjust their business based on our solutions. We allow our partners to choose their own platform to sell SSL certificates. It is our mission to make the SSL business seamless with a variety of platforms, giving our partners maximum flexibility in choosing their panels or billing systems while at the same time giving them the best rates and of course, our fully committed 24/7 support guarantee."

There will be many more plug-ins available soon, but currently, The SSL Store has WHMCS, Client Exec, Parallels PLESK & Parallels Business Automation Standad PBAS) available and plans to continue to constantly development new ones. Actually, they are in the process of developing quite a few other ones right now according to their Director of Global Channel Development, Bill Grueninger.

These plugins allow a partner to operate as efficiently as possible by eliminating the manual workflow usually associated with the sale of SSL certificates. With The SSL Store plug-ins, partners can access a wide range of globally renowned & trusted SSL and security products all under one roof. The plug-ins support everything from sign-ups to termination, automated & recurring billing, multiple currencies, estimates, ticket support, provisioning & management and last but, certainly not least, all of the plugins are backed by the industry’s best 24/7 support. Also, all of the plug-ins is based on a fully secure API to ensure privacy.

By utilizing one of The SSL Store’s fully integrated plug-in options, you can increase your ticket value and maximize your profits.For more information contact Bill Grueninger at bill[at]thesslstore.com or 727-820-1164.

About the Author: The SSL Store is based in St. Petersburg, Florida, in the United States. Organizations large and small, including NASA, Microsoft, the United Nations, and many other organizations, have trusted The SSL Store with their SSL security certificate needs since 2007.

https://www.thesslstore.com/pressroom/plug-n-play-with-the-ssl-store.aspx

Plug and play With TheSSLstore

Sunday 11 September 2011

Multi-level protection to ensure security of online transactions


Using advanced EV SSL server certificate and establishing SSL encrypted safety passageway

The EV SSL server certificate used by our website is a certificate issued in accordance with strict global authentication standards and has higher security than ordinary SSL certificates, so it’s used to protect the user against online transactions with banks not rigorously authenticated, addressing the growing online fraud, and guarding against phishing websites.

The EV SSL certificate is compatible with the regular SSL certificate. If a customer uses a browser of IE6 edition or below, the EV SSL certificate will be treated as a regular SSL certificate. If a customer uses a browser of IE7 or IE8 edition to visit a website protected by the EV SSL certificate, a green address bar will appear in the browser and the unit name of the website, and the issuer of the certificate will recursively appear in the security status bar on the right of the address bar, while in case of other SSL certificates the address bar still remain in white.

In the IE7 or IE8 browser, a green address bar will appear in a website encrypted with the EV SSL certificate telling the user that the website they are visiting has been rigorously authenticated. These new interface features can be directly displayed to convince customers that they are visiting their intended website rather than a fake website.

If you log in to CGB online banking and the address bar does not become green, you can click and download the root certificate.

Advanced encryption technology

We use the state-of-the-art SSL128-bit encryption technology to ensure the confidentiality of your information during the transmission between your computer and our bank. Once the information is encrypted, only the specified receiver can read it.

Dual Identity Authentication

We use the state-of-the-art SSL128-bit encryption technology to ensure the confidentiality of your information during the transmission between your computer and our bank. Once the information is encrypted, only the specified receiver can read it.

If the username and password registered through our online banking system is one of the keys for you to log in to the system, the digital certificate is another key for you to log in to our online banking system for account transactions, and the Key Shield provided by our bank is used to protect this key. When you download and save your digital certificate into the Key Shield, you can use it as the lawful and valid certificate for fund transfer between accounts through the online banking system. Due to its uniqueness and irreproducibility, you just need to keep the Key Shield properly and then even if your account number and password are disclosed accidentally, no one can impersonate you and transfer your fund from your account.

Password Security Protection

For the common version of personal online banking, you need to enter the login password in order to log in to our online banking system. To prevent others from stealing your username and making malicious login attempts, if the login password is entered incorrectly for three consecutive times, the system will suspend this account for thirty minutes. If the password is entered incorrectly for ten consecutively times, the system will lock the account. Then you need to go to any CGB outlet under the branch that holds the online banking account to defreeze it before you can use the online banking services again.

Customers of the certificate-based version of personal online banking and those of the corporate online banking system need to enter two passwords in order to log in to our online banking system, namely, the Key Shield password and the login password. If the Key Shield password is entered incorrectly for ten consecutive times, the Key Shield will be automatically locked. In this case, personal customers need to go to any CGB outlet under the branch that holds the online banking account to restore the certificate, and corporate customers need to go to the CGB outlet that holds the online banking account to restore the certificate.

Transaction Interface Time Control

When you are using our online banking system, we monitor the system all the time to see if it works properly. If you open the transaction interface and do not perform any operation for a specific period of time, the system will automatically exit and prompt you to log in to the online banking system again so as to avoid the risk that may be caused when you need to stay away from the computer for a long time but forget to exit the transaction interface.

Transaction Limit Control

To ensure your fund safety, customers of the common version of personal online banking are not allowed to conduct transactions such as making large-sum online payment and transferring money to accounts other than their own for remittance, but are allowed to transfer money between accounts under the same name and make small-sum online payment. When signing up for the transfer service between accounts under the same name, you can go to the counter of a CGB outlet to specify the transfer limit. If you do not specify it, there will be no limit. When making the small-sum online payment, you can set the payment limit by yourself through online banking, but the per-transaction amount cannot exceed RMB 500, and the per-day accumulated amount cannot exceed RMB 1,500. A credit card account is also subject to its own credit line.

Customers of the certificate-based version of personal online banking can freely set the maximum per-transaction online payment amount, maximum per-day accumulated online payment amount, maximum per-transaction outgoing amount and maximum per-day accumulated number of outgoing transfers. If you do not specify these, the system will assume that you do not set any limit for the above transactions. A credit card account is also subject to its own credit line.

Apple revokes DigitNotar certs, Mozilla asks CAs to audit

Apple is the last of the major web browser makers to revoke certificates issued by embattled Dutch-based certificate authority DigiNotar.

In a security advisory released Friday, the Cupertino, Calif.-based computing giant updated Mac OS X 10.6.8 and 10.7.1 to remove DigiNotar from its list of trusted root and extended-validation (EV) SSL certificates. In addition, the patch from Apple configures the Mac platform's default system settings to not trust DigiNotar certificates issued by DigiNotar or any of its partners.

Apple did not, however, release updates for iOS, which powers its iPad and iPhone devices.
Microsoft, Mozilla, Google and Opera already have released updates revoking the DigiNotar certs.
Meanwhile, Adobe said Thursday that it was "in the process of removing the DigiNotar Qualified CA certificate from the Adobe Approved Trust List (AATL)."

And Mozilla, maker of the Firefox browser, is asking all CAs that participate in its root program to audit its PKI infrastructure and systems "to check for intrusion or compromise." In addition, the request, sent Thursday from Kathleen Wilson, owner of Mozilla's CA Certificates Module, asks respondents to ensure that multifactor authentication is in place for all accounts that can issue certificates, as well as confirming that other security controls are deployed.

"Participation in Mozilla's root program is at our sole discretion, and we will take whatever steps are necessary to keep our users safe," the note said. "Nevertheless, we believe that the best approach to safeguard that security is to work with CAs as partners, to foster open and frank communication, and to be diligent in looking for ways to improve."

CAs DigiNotar, which is owned by U.S.-based VASCO, and Jersey City, N.J.-based Comodo have fallen victim this year to hacker attacks. The breaches have resulted in the issuance of counterfeit certificates for such high-profile websites as Google.

Almost all of the victims in both incidents appear to live in Iran.

Wednesday 7 September 2011

Century Payments Partners with Trustwave to Offer Merchants PCI Compliance Solutions



Century Payments, today selected Trustwave to provide Payment Card Industry Data Security Standard (PCI  DSS) compliance validation solutions to its Level 4 merchants. Trustwave is a leading provider of information security and compliance solutions.

The PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands - Visa, MasterCard Worldwide, Discover Network, American Express and JCB.

In an effort to assist merchants with their compliance efforts, Century engaged Trustwave to provide its merchants access to TrustKeeper®, Trustwave's innovative security and compliance web portal.

Trustwave's TrustKeeper is a revolutionary web portal that supports merchants' compliance efforts, including moving merchants through the complex compliance process with greater ease and efficiency by making the tasks achievable by non-technical users. This helps facilitate PCI DSS compliance validation for merchants or acquirers, ISOs and processors with large merchant populations.

TrustKeeper features PCI Wizard, which simplifies the complex PCI DSS compliance process. Additionally, TrustKeeper Agent helps merchants identify if unencrypted cardholder data or track data is stored, thereby reducing the merchants' risk of card data theft. TrustKeeper also helps merchants complete required vulnerability scans and receive their PCI DSS compliance certificate.

"After careful consideration of other programs, we chose Trustwave because they most aligned with our goals and objectives around data security for our merchant portfolio," said Christopher Justice, president of Century Payments. "Trustwave's industry expertise and merchant compliance program will help our clients validate and maintain their PCI DSS compliance through easy-to-complete steps that any-sized merchant can understand."

"Trustwave is excited to partner with Century Payments, a leading payment processor, because they understand the importance of validating PCI DSS compliance across their merchant portfolio and are ready to provide the resources necessary to help manage the requirements," said Robert J. McCullen, chairman, CEO and president of Trustwave. "Our merchant compliance program provides Century Payments the necessary tools to help lead their merchants through the compliance process in a step-by-step program that translates the difficult tasks of compliance validation into a comprehensible language for merchants of any size."

About Century Payments
Century Payments, Inc. (centurypayments.com) is a nationally recognized leader in the electronic payment processing industry, dedicated to developing the most progressive, dynamic programs to benefit merchants, partners and agents alike. Through white label alliance programs, Century is the fastest growing electronic payments company having boarded over 50,000 merchants in the last three years and processing close to $10 billion in annual volume. In 2011, Century entered into an elite group recognized on the Inc. 500 list as one of the top 20 fastest growing, privately owned businesses for two consecutive years. The company is headquartered in Frisco, Texas.

About Trustwave
Trustwave (
trustwave.com) is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper PCI Compliance management software and other proprietary security solutions including SIEM, EV SSL certificates and secure digital certificates. Trustwave has helped hundreds  of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia.