Wish you had weighed in regarding what controls are used in protecting the private keys of the cloud CAs, what FIPS or other standard the Cloud PKI is rated at, etc. etc. - seems like a pretty basic design aspect to showcase.
@@DrMonkeyzZ @floriandaminato Ths problem is you require on-prem infrastructure to authenticate machine/user certs from the cloud PKI. It's disappointing that there's no offering for that as part of this. You can pay for a cloud-hosted RADIUS, like SecureW2, but why only pay for their coloud RADIUS when they provide the full suite? Cloud PKI, BYOD & Self-service portals, cloud RADIUS. While this cloud PKI is a great step in the right direction, it leaves much to be desired.
You do, yes, in some capacity. Whether that's a Microsoft NPS server, or even a FreeRADIUS server, you will need *something* to authenticate and authorise devices on your wifi/VPN. There are other services like SecureW2 that provide a cloud RADIUS you could look into, but that's added cost.
Hi Bill, great to see you on TH-cam :-)
Loved it . Thank you very much.
Wish you had weighed in regarding what controls are used in protecting the private keys of the cloud CAs, what FIPS or other standard the Cloud PKI is rated at, etc. etc. - seems like a pretty basic design aspect to showcase.
Excellent. Thank you.
Anyone have experience with entrust with regards to certificates? Would the exact same setup described in this video apply to entrust certs?
If I replace my NDES/scep in my onprem environnement for Microsoft Cloud PKI, do I need to add a radius server/solution for wifi/vpn auth ?
That’s the point of cloud PKI no onprem services needed u get ur certificates from intune.
@@DrMonkeyzZ @floriandaminato Ths problem is you require on-prem infrastructure to authenticate machine/user certs from the cloud PKI. It's disappointing that there's no offering for that as part of this. You can pay for a cloud-hosted RADIUS, like SecureW2, but why only pay for their coloud RADIUS when they provide the full suite? Cloud PKI, BYOD & Self-service portals, cloud RADIUS.
While this cloud PKI is a great step in the right direction, it leaves much to be desired.
You do, yes, in some capacity. Whether that's a Microsoft NPS server, or even a FreeRADIUS server, you will need *something* to authenticate and authorise devices on your wifi/VPN. There are other services like SecureW2 that provide a cloud RADIUS you could look into, but that's added cost.
Thanks!