TrustedObjects Manager

The central management station is provided as a ready-to-run hardened appliance and is optionally offered as a redundant system for high-availability requirements. It is controlled via an internal web interface such that authorized administrators can access the management functions remotely using a simple web browser.

The core task of the administrator lies in the setup of logical VPNs, each consisting of a specific set of local networks, servers or users at the individual sites. As soon as such an object is added to a logical VPN, the configuration data of every system involved is automatically updated to reflect a virtual network tunneled through the Internet across all respective subnets at each site.

The TURAYA.TrustedObjects Manager comprises a self-contained, integrated PKI system. Without involving the administrator, the system creates an individual certification authority for every logical VPN that is set up. The respective gateway appliance is requested to create a key pair locally, which will be centrally certified by this instance. From then on, this signed key pair is ready for use by the VPN appliance.

Finally, the Turaya.TrustedObjects Manager integrates a comprehensive and convenient provisioning solution to distribute new VPN appliance software according to pre-defined rollout groups.

The TURAYA.TrustedVPN appliances permanently maintain a TrustedChannel with the Turaya.TrustedObjects Manager and are fully controlled and monitored by this central management system. The TrustedChannel is a mutually authenticated management link, where the TrustedObjects Manager verifies the integrity of the remote software by means of “remote attestation” prior to accepting the link request.

Security anchored in hardware

The management system and the VPN appliances are equipped with an embedded TPM chip (Trusted Platform Module) acting as a security anchor, which is fully integrated in the overall system architecture up to and including the application level.

The TURAYA.TrustedObjects Manager can optionally be equipped with a fully sealed and FIPS 140-2 Level 3/4 certified Hardware Security Module (HSM) used as the certification authority system.

More specifically, within the appliances the TPM implementation addresses:

  • The secure storage of private keys within individual appliances, such that these keys never leave the security chip, and hence the trustworthy mutual authentication of VPN gateways vis-à-vis the management station using the integrated PKI procedures
  • The trustworthy system boot-up by performing a hardware-based prior check of the signatures inherent to all essential software modules
  • The intangible encryption of persistent configuration data and firmware components

As a result, the overall system monitors itself continuously and prevents all manipulations, whether they are attempted remotely or locally.