Re: Re: Utimaco Safeguard Easy vulnerability

[joachim.schneider () utimaco de]

SafeGuard Enterprise is too different from SafeGuard Easy that any observations on SGE could be applied to it.

While SafeGuard Easy was explicitly designed to be as undemanding as possible in terms of infrastructure and had no 
real central management,
SG Enterprise uses a Client/Server model with central management and database, allowing administrators to centrally
control all policies and key management.

The only things needed to install a client is the client software package, and a digitally signed configuration package 
that identifies the client's home server and its certificate.
All policies, keys, etc are transported to clients using session-key encrypted network connections. In addition, 
critical data is digitally signed using company-specific keys.